Accepting a check deposit from a mobile device in communication with an automated teller machine

ABSTRACT

An automated banking machine operates to cause financial transfers responsive at least in part to data read from data bearing records. The automated banking machine includes a card reader that is operative to read card data corresponding to financial accounts from user cards. The card data is linked in at least one data store to data indicating that the card data corresponds to a financial account that is authorized to be used to conduct at least one transaction through use of the automated banking machine. The automated banking machine may be used to carry out financial transfers involving financial accounts by users who are determined to be authorized users of such accounts. Data corresponding to a financial account can also be linked to a mobile wireless device so as to enable financial transfers by authorized users of such accounts.

CROSS REFERENCE TO RELATED APPLICATIONS

This application claims the benefit of U.S. Provisional Application No.61/742,391 filed Aug. 9, 2012.

TECHNICAL FIELD

This invention relates to automated banking machines that operateresponsive to data read from data bearing records including user cards

BACKGROUND ART

Automated banking machines may include a card reader that operates toread data from a bearer record such as a user card. Automated bankingmachines may operate to cause the data read from the card to be comparedwith other computer stored data related to the bearer or their financialaccounts. The machine operates in response to the comparison determiningthat the bearer record corresponds to an authorized user or anauthorized account, to carry out at least one transaction which may beoperative to transfer value to or from at least one financial account. Arecord of the transaction is also often printed through operation of theautomated banking machine and provided to the user. Automated bankingmachines may be used to carry out transactions such as dispensing cash,the making of deposits, the transfer of funds between accounts andaccount balance inquiries. The types of banking transactions that may becarried out are determined by the capabilities of the particular bankingmachine and system, as well as the programming of the institutionoperating the machine.

Other types of automated banking machines may be operated by merchantsto carry out commercial transactions. These transactions may include,for example, the acceptance of deposit bags, the receipt of checks orother financial instruments, the dispensing of rolled coin, or othertransactions required by merchants. Still other types of automatedbanking machines may be used by service providers in a transactionenvironment such as at a bank to carry out financial transactions. Suchtransactions may include for example, the counting and storage ofcurrency notes or other financial instrument sheets, the dispensing ofnotes or other sheets, the imaging of checks or other financialinstruments, and other types of transactions. For purposes of thisdisclosure an automated banking machine, automated transaction machineor an automated teller machine (ATM) shall be deemed to include anymachine that may be used to automatically carry out transactionsinvolving transfers of value.

BRIEF DESCRIPTION OF DRAWINGS

FIG. 1 is an isometric external view of an exemplary automated bankingmachine which is an automated banking machine and which incorporatessome aspects and features described in the present application.

FIG. 2 is a front plan view of the machine shown in FIG. 1.

FIG. 3 is a transparent side view showing schematically some internalfeatures of the machine.

FIG. 4 is a schematic view representative of the software architectureof an exemplary embodiment.

FIG. 5 is a front view showing the fascia portion moved to access afirst portion of an upper housing of the machine.

FIG. 6 is a partially transparent side view showing air flow through anair cooling opening of the machine.

FIG. 7 is an isometric view of the machine shown in FIG. 1 with thecomponents of the upper housing portion removed.

FIG. 8 is a schematic side view of the housing showing schematically theillumination system for the transaction areas and representing inphantom the movement of the upper fascia portion so as to provide accessfor servicing.

FIG. 9 is a schematic view of an illumination and anti-fraud sensingdevice which bounds a card reader slot of an exemplary embodiment.

FIG. 10 is a schematic side view of an unauthorized card reading devicein operative connection with a housing of the anti-fraud sensor.

FIG. 11 is a schematic view of exemplary logic for purposes of detectingthe presence of an unauthorized card reading device in proximity to thecard reader during operation of the machine.

FIG. 12 is an exemplary side, cross sectional view of an automatedbanking machine keypad.

FIG. 13 is a schematic representation of a sensor for sensing whether anunauthorized key input sensing device has been placed adjacent to thekeypad.

FIG. 14 is a view of a keypad similar to FIG. 12 but with anunauthorized key input sensing device attached.

FIG. 15 is a schematic representation similar to FIG. 13, butrepresenting the change in reflected radiation resulting from theattachment of the unauthorized key input sensing device.

FIG. 16 shows an automated banking machine security arrangement.

FIG. 17 shows an arrangement for comparing GPS location data to storedlocation data.

FIG. 18 shows an automated banking machine with GPS.

FIG. 19 shows a representation of a database portion.

FIG. 20 shows a service provider, database, and requester arrangement.

FIG. 21 shows a flowchart of a service process.

FIG. 22 shows an exemplary fraud prevention service arrangement.

FIG. 23 is a schematic view of an alternative automated banking machinesystem.

FIGS. 24 and 25 are a schematic representation of software logic carriedout by an exemplary automated banking machine used in the system shownin FIG. 23.

FIG. 26 is a simplified schematic representation of software logiccarried out through operation of a server used in the system representedin FIG. 23.

FIG. 27 shows an account security system arrangement.

FIG. 28 shows another account security system arrangement.

FIG. 29 shows a further account security system arrangement.

FIG. 30 is a schematic view of an alternative automated banking machinesystem.

FIG. 31 is a schematic representation of software logic carried out bythe exemplary automated banking machine system shown in FIG. 30.

FIG. 32 is a simplified schematic representation of software logiccarried out through operation of the exemplary automated banking machinesystem represented in FIG. 30.

FIG. 33 is an exemplary view of an output from an automated bankingmachine that enables carrying out transactions through a mobile wirelessdevice.

FIG. 34 shows a further screen that is output through an automatedbanking machine in connection with carrying out transactions through amobile wireless device.

FIG. 35 is a schematic representation of a mobile wireless devicecapturing data from a screen output from an automated banking machine.

FIG. 36 is a schematic view of an alternative embodiment of an automatedbanking machine system.

FIG. 37 is a flow chart that schematically shows logic carried out inconnection with an exemplary automated banking machine of the systemshown in FIG. 36.

FIG. 38 is a flow chart showing a schematic logic flow carried out by aportable wireless device used in the system of FIG. 36.

FIG. 39 is an isometric view of a portable wireless device providing anexemplary output that is received by an input device associated with anautomated banking machine in the system shown in FIG. 36.

FIG. 40 is a schematic view of an alternative automated banking machinesystem.

FIG. 41 is a flow chart showing a schematic view of logic carried out inconnection with a portable wireless device or other computing deviceused in connection with the system shown in FIG. 40.

OVERVIEW OF EXAMPLE EMBODIMENTS

The following presents a simplified overview of the example embodimentsin order to provide a basic understanding of some aspects of the exampleembodiments. This overview is not an extensive overview of the exampleembodiments. It is intended to neither identify key or critical elementsof the example embodiments nor delineate the scope of the appendedclaims. Its sole purpose is to present some concepts of the exampleembodiments in a simplified form as a prelude to the more detaileddescription that is presented later.

In accordance with an example embodiment, there is disclosed herein, anapparatus comprising an automated banking machine that operates to causefinancial transfers responsive at least in part to data read from databearing records. The automated banking machine comprises a card readeroperative to read card data from a card associated with a user thatcorrespond to a financial account, an input device operative to receiveinputs from a user, a cash dispenser operative to selectively cause cashstored in the machine to be accessible to the associated user, and anautomated banking machine computer operatively coupled with the cardreader and the input device. The automated banking machine computer isoperable to obtain card data from a card associated with the associateduser from the card reader, and determine from the card data a financialaccount for conducting a transaction. The automated banking machinecomputer is operable to receive data representative of a check from theinput device, wherein the data representative of the check correspondsto check data that was sent from a mobile device to a remote computerassociatively coupled with the automated banking machine computer via acommunication path that does not include the automated banking machine.

In accordance with an example embodiment, there is disclosed herein, anapparatus comprising an automated banking machine that operates to causefinancial transactions responsive in part to data read from data bearingrecords. The automated banking machine comprises a card reader that isoperative to read card data from a card associated with a financialaccount associated with a user, an input device that is operative toreceive inputs from the user, and an automated banking machine computerthat is coupled with the card reader, an input device, and the outputdevice. The automated banking machine computer obtains card data fromthe card reader and determines the financial account associated with theuser. The automated banking machine computer is operative to determinethat a merchant affinity program is associated with the card data andcause a promotional offer associated with the merchant affinity programto be output via the output device.

In accordance with an example embodiment, there is disclosed herein,

DESCRIPTION OF EXAMPLE EMBODIMENTS

Referring now to the drawings and particularly to FIG. 1, there is showntherein an exemplary embodiment of an automated banking machinegenerally indicated 10. In the exemplary embodiment automated bankingmachine 10 is a drive up machine, however the features described andclaimed herein are not necessarily limited to machines of this type. Theexemplary machine includes a housing 12. Housing 12 includes an upperhousing area 14 and asecure chest area 16 in a lower portion of thehousing. Access to the chest area 16 is controlled by a chest door 18which when unlocked by authorized persons in the manner later explained,enables gaining access to the interior of the chest area.

The exemplary machine 10 further includes a first fascia portion 20 anda second fascia portion 22. Each of the fascia portions is movablymounted relative to the housing as later explained, which in theexemplary embodiment facilitates servicing.

The machine includes a user interface generally indicated 24. Theexemplary user interface includes input devices such as a card reader 26(shown in FIG. 3) which is in connection with a card reader slot 28which extends in the second fascia portion. Other input devices of theexemplary user interface 24 include function keys 30 and a keypad 32.The exemplary machine 10 also includes a camera 34 which operates as animage capture device and which also may serve as an input device forbiometric features and the like. The exemplary user interface 24 alsoincludes output devices such as a display 36. Display 36 is viewable byan operator of the machine when the machine is in the operativecondition through an opening 38 in the second fascia portion 22. Furtheroutput devices in the exemplary user interface include a speaker 40. Aheadphone jack 42 also serves as an output device. The headphone jackmay be connected to a headphone provided by a user who is visuallyimpaired to provide the user with voice guidance in the operation of themachine. The exemplary machine further includes a receipt printer 44(see FIG. 3) which is operative to provide users of the machine withreceipts for transactions conducted. Transaction receipts are providedto users through a receipt delivery slot 46 which extends through thesecond fascia portion. Exemplary receipt printers that may be used insome embodiments are shown in U.S. Pat. No. 5,729,379 and U.S. Pat. No.5,850,075, the entire disclosures of which are incorporated by referenceherein. It should be understood that these input and output devices ofthe user interface 24 are exemplary and in other embodiments, other ordifferent input and output devices may be used.

In the exemplary embodiment the second fascia portion has includedthereon a deposit envelope providing opening 48. Deposit envelopes maybe provided from the deposit envelope providing opening to users who mayplace deposits in the machine. The second fascia portion 20 alsoincludes a fascia lock 50. Fascia lock 50 is in operative connectionwith the second fascia portion and limits access to the portion of theinterior of the upper housing behind the fascia to authorized persons.In the exemplary embodiment fascia lock 50 comprises a key type lock.However, in other embodiments other types of locking mechanisms may beused. Such other types of locking mechanisms may include for example,other types of mechanical and electronic 20 locks that are opened inresponse to items, inputs, signals, conditions, actions or combinationsor multiples thereof.

The exemplary machine 10 further includes a delivery area 52. Deliveryarea 52 is in connection with a currency dispenser device 54 which isalternatively referred to herein as a cash dispenser, which ispositioned in the chest portion and is shown schematically in FIG. 3.For 25 purposes hereof, a cash dispenser shall be deemed to include anydevice that causes stored currency such as coins and/or currency billsthat are stored in the machine to be made available externally of themachine so that they may be taken by machine users. The delivery area 52is a transaction area on the machine in which currency sheets aredelivered to a user. In the exemplary embodiment the delivery area 52 ispositioned and extends within a recessed pocket 56 in the housing of themachine.

Machine 10 further includes a deposit acceptance area 58. Depositacceptance area is an area through which deposits such as depositenvelopes to be deposited by users are placed in the machine. Thedeposit acceptance area 58 is in operative connection with a depositaccepting device positioned in the chest area 16 of the machine.Exemplary types of deposit accepting devices are shown in U.S. Pat. No.4,884,769 and U.S. Pat. No. 4,597,330, the entire disclosures of whichare incorporated herein by reference.

In the exemplary embodiment the deposit acceptance area serves as atransaction area of the machine and is positioned and extends within arecessed pocket 60. It should be understood that while the exemplaryembodiment of machine 10 includes an envelope deposit accepting deviceand a currency sheet dispenser device, other or different types oftransaction function devices may be included in automated bankingmachines. These may include for example, check and/or money orderaccepting devices, ticket accepting devices, stamp accepting devices,card dispensing devices, money order dispensing devices and other typesof devices which are operative to carry out transaction functions.

In the exemplary embodiment the machine 10 includes certain illuminatingdevices which are used to illuminate transaction areas, some of whichare later discussed in detail. First fascia portion 20 includes anillumination panel 62 for illuminating the deposit envelope providingopening. Second fascia portion 22 includes an illumination panel 64 forilluminating the area of the receipt delivery slot 46 and the cardreader slot 28. Further, an illuminated housing 66 later discussed indetail, bounds the card reader slot 28. Also, in the exemplaryembodiment an illuminating window 68 is positioned in the recessedpocket 56 of the delivery area 52. An illuminating window 70 ispositioned in the recessed pocket 60 of the deposit acceptance area 58.It should be understood that these structures and features are exemplaryand in other embodiments other structures and features may be used.

As schematically represented in FIG. 3, the machine 10 includes one ormore internal computers. Such internal computers include one or moreprocessors. Such processors may be in operative connection with one ormore data stores. In some embodiments processors may be located oncertain devices within the machine so as to individually control theoperation thereof. Examples such as multi-tiered processor systems areshown in U.S. Pat. No. 6,264,101 and U.S. Pat. No. 6,131,809, the entiredisclosures of which are incorporated herein by reference.

For purposes of simplicity, the exemplary embodiment will be describedas having a single controller which is alternatively referred to hereinas a computer, which controls the operation of devices within themachine. However it should be understood that such reference shall beconstrued to encompass multicontroller and multiprocessor systems as maybe appropriate in controlling the operation of a particular machine. InFIG. 3 the controller is schematically represented 72. Also asschematically represented, the controller is in operative connectionwith one or more data stores 78. Such data stores in exemplaryembodiments are operative to store program instructions, values andother information used in the operation of the machine. Although thecontroller is schematically shown in the upper housing portion ofmachine 10, it should be understood that in alternative embodimentscontrollers may be located within various portions of the automatedbanking machine.

In order to conduct transactions the exemplary machine 10 communicateswith remote computers. The remote computers are operative to exchangemessages with the machine and authorize and record the occurrence ofvarious transactions. This is represented in FIG. 3 by the communicationof the machine through a network with a bank 78, which has at least onecomputer which is operative to exchange messages with the machinethrough a network. The bank computer is alternatively referred to hereinas a host. For example, the bank 78 may receive one or more messagesfrom the machine requesting authorization to allow a customer towithdraw $200 from the customer's account. In an exemplary embodimentthe machine operates to send at least one message including datacorresponding to card data read from the user's card as well as apersonal identification number (PIN) and/or other identifying data tothe remote computer. The data included in the one or more messages sentby the machine enables the remote computer to determine that the user atthe machine is an authorized user who is permitted to conduct therequested transaction. The remote host computer at the bank 78 willoperate to determine that such a withdrawal is authorized and willreturn one or more messages to the machine through the networkauthorizing the transaction. After the machine conducts the transaction,the machine will generally send one or more messages back through thenetwork to the bank indicating that the transaction was successfullycarried out. Of course these messages are merely exemplary.

Other systems may operate in a manner like that described in U.S. Pat.No. 8,201,732 the disclosure of which is incorporated herein byreference in its entirety. In such systems, an automated banking machinemay be operated in a virtual environment, and the physical machine iscontrolled responsive to operation of the virtual machine.

It should be understood that in some embodiments the machine maycommunicate with other entities and through various networks. Forexample as schematically represented in FIG. 3, the machine willcommunicate with computers operated by service providers 80. Suchservice providers may be entities to be notified of status conditions ormalfunctions of the machine as well as entities that are to be notifiedof corrective actions. An example of such a system for accomplishingthis is shown in U.S. Pat. No. 5,984,178, the entire disclosure of whichis incorporated herein by reference. Other third parties who may receivenotifications from exemplary machines include entities responsible fordelivering currency to the machine to assure that the currency suppliesare not depleted. Other entities may be responsible for removing deposititems from the machine. Alternative entities that may be notified ofactions at the machine may include entities which hold marketing dataconcerning consumers and who provide messages which correspond tomarketing messages to be presented to consumers. For example someembodiments may operate in a manner described in U.S. Pat. No.7,516,087, the entire disclosure of which is incorporated herein byreference. Various types of messages may be provided to remote systemsand entities by the machine depending on the capabilities of themachines in various embodiments and the types of transactions beingconducted.

FIG. 4 shows schematically an exemplary software architecture which maybe operative in the controller 72 of machine 10. The exemplary softwarearchitecture includes an operating system such as for example Microsoft®Windows, Google Chrome, IBM OS/2® or Linux. The exemplary softwarearchitecture also includes a machine application schematicallyrepresented 82. The exemplary application includes the instructions forthe operation of the automated banking machine and may include, forexample, an Agilis™ 91× application that is commercially available fromDiebold, Incorporated which is a cross vendor software application foroperating automated banking machines. Further examples of softwareapplications which may be used in some embodiments are shown in U.S.Pat. Nos. 6,289,320 and 6,505,177, the entire disclosures of which areherein incorporated by reference.

In the exemplary embodiment middleware software schematically indicated84 is operative in the controller. In the exemplary embodiment themiddleware software operates to compensate for differences betweenvarious types of automated banking machines and transaction functiondevices used therein. The use of a middleware layer enables the moreready use of an identical software application on various types ofautomated banking machine hardware. In the exemplary embodiment themiddleware layer may be Involve® software which is commerciallyavailable from a wholly owned subsidiary of the assignee of the presentapplication.

The exemplary software architecture further includes a diagnostics layer86. The diagnostics layer 86 is operative as later explained to enableaccessing and performing various diagnostic functions of the deviceswithin the machine. In the exemplary embodiment the diagnostics operatein conjunction with a browser schematically indicated 88.

The exemplary software architecture further includes a service providerlayer schematically indicated 90. The service provider layer may includesoftware such as WOSA XFS service providers for J/XFS service providerswhich present a standardized interface to the software layers above andwhich facilitate the development of software which can be used inconjunction with different types of machine hardware. Of course thissoftware architecture is exemplary and in other embodiments otherarchitectures may be used.

As schematically represented in FIG. 4, a controller 72 is in operativeconnection with at least one communications bus 92. The communicationsbus may in some exemplary embodiments be a universal serial bus (USB) orother standard or nonstandard type of bus architecture. Thecommunications bus 92 is schematically shown in operative connectionwith transaction function devices 94. The transaction function devicesinclude devices in the machine which are used to carry out transactions.These may include for example the currency dispenser device 54, cardreader 26, receipt printer 44, keypad 32, as well as numerous otherdevices which are operative in the machine and controlled by thecontroller to carry out transactions. In the exemplary embodiment one ofthe transaction function devices in operative connection with thecontroller is a diagnostic article reading device 96 which may beoperative to read a diagnostic article schematically indicated 98 whichmay provide software instructions useful in servicing the machine.Alternatively and/or in addition, provision may be made for connectingthe bus 92 or other devices in the machine computer device 100 which maybe useful in performing testing or diagnostic activities related to themachine 10.

In the exemplary embodiment of machine 10 the first fascia portion 20and the second fascia portion 22 are independently movably mounted onthe machine housing 12. This is accomplished through the use of hingesattached to fascia portion 20. The opening of the fascia lock 50 on thefirst fascia portion 20 enables the first fascia portion to be moved toan open position as shown in FIG. 5. In the open position of the firstfascia portion an authorized user is enabled to gain access to a firstportion 102 in the upper housing area 14. In the exemplary embodimentthere is located within the first portion 102 a chest lock input device104. In this embodiment the chest lock input device comprises a manualcombination lock dial, electronic lock dial or other suitable inputdevice through which a combination or other unlocking inputs or articlesmay be provided. In this embodiment, input of a proper combinationenables the chest door 18 to be moved to an open position by rotatingthe door about hinges 106. In the exemplary embodiment the chest door isopened once the proper combination has been input by manipulating alocking lever 108 which is in operative connection with a boltwork. Theboltwork which is not specifically shown is operative to hold the chestdoor in a locked position until the proper combination is input. Uponinput of the correct combination the locking lever enables movement ofthe boltwork so that the chest door can be opened. The boltwork alsoenables the chest door to be held locked after the activities in thechest portion have been conducted and the chest door is returned to theclosed position. Of course in other embodiments other types ofmechanical or electrical locking mechanisms may be used. In theexemplary embodiment the chest lock input device 104 is in supportingconnection with a generally horizontally extending dividing wall 110which separates the chest portion from the upper housing portion. Ofcourse this housing structure is exemplary and in other embodimentsother approaches may be used.

An authorized servicer who needs to gain access to an item, component ordevice of the machine located in the chest area may do so by opening thefascia lock and moving the first fascia portion 20 so that the area 102becomes accessible. Thereafter the authorized servicer may access andmanipulate the chest lock input device to receive one or more inputs,which if appropriate enables unlocking of the chest door 18. The chestdoor may thereafter be moved relative to the housing and about itshinges 106 to enable tl1e servicer to gain access to items, devices orcomponents within the chest. These activities may include for exampleadding or removing currency, removing deposited items such as envelopesor checks, or repairing mechanisms or electrical devices that operate toenable the machine to accept deposited items or to dispense currency.When servicing activity within the chest is completed, the chest doormay be closed and the locking lever 108 moved so as to secure theboltwork holding the chest door in a closed position. Of course thisstructure and service method is exemplary and in other embodiments otherapproaches may be used.

In the exemplary embodiment the second fascia portion 22 is also movablerelative to the housing of the machine. In the exemplary embodiment thesecond fascia portion 22 is movable in supporting connection with arollout tray 112 schematically shown in FIG. 3. The rollout tray isoperative to support components of the user interface thereon as well asthe second fascia portion. The rollout tray enables the second fasciaportion to move outward relative to the ATM housing thereby exposingcomponents and transaction function devices supported on the tray andproviding access to a second portion 114 within the upper housing andpositioned behind the second fascia portion. Thus as can be appreciated,when the second fascia portion is moved outward, the components on thetray are disposed outside the housing of the machine so as to facilitateservicing, adjustment and/or replacement of such components. Furthercomponents which remain positioned within the housing of the machine asthe rollout tray is extended become accessible in the second portion asthe second fascia portion 22 is disposed outward and away from thehousing.

In the exemplary embodiment the rollout tray 112 is in operativeconnection with a releasable locking device. The locking device isgenerally operative to hold the tray in a retracted position such thatthe second fascia portion remains in an operative position adjacent tothe upper housing area as shown in FIGS. 1, 2 and 3. This releasablelocking mechanism may comprise 5 one or more forms of locking typedevices. In the exemplary embodiment the releasable locking mechanismmay be released by manipulation of an actuator 116 which is accessibleto an authorized user in the first portion 102 of the upper housing 14.As a result, an authorized servicer of the machine is enabled to movethe second fascia portion outward for servicing by first accessingportion 102 in the manner previously discussed. Thereafter, bymanipulating the 10 actuator 116 the second fascia portion is enabled tomove outward as shown in phantom in FIG. 8 so as to facilitate servicingcomponents on the rollout tray. Such components may include for examplea printer or card reader. After such servicing the second fascia portionmay be moved toward the housing so as to close the second portion 114.Such movement in the exemplary embodiment causes the rollout tray to belatched and held in the retracted position 15 without furthermanipulation of the actuator. However, in other embodiments other typesof locking mechanisms may be used to secure the rollout tray in theretracted position. It should be understood this approach is exemplaryand in other embodiments other approaches may be used.

As best shown in FIG. 7 in which the components supported in the upperhousing are not shown, the delivery area 52 and the deposit acceptancearea 58 are in supporting connection with the chest door 18. As suchwhen the chest door 18 is opened, the delivery area 52 and the depositacceptance area 58 will move relative to the housing of the machine. Theexemplary embodiment shown facilitates servicing of the machine byproviding for the illumination for the transaction areas by illuminationsources positioned in supporting connection with the rollout tray 112.As best shown in FIG. 6, these illumination sources 118 are movable withthe rollout tray and illuminate in generally a downward direction. Inthe operative position of the second fascia portion 22 and the chestdoor 18, the illumination sources are generally aligned with apertures120 and 122 which extend through the top of a cover 124 which generallysurrounds the recessed pockets 60 and 56. As shown in FIG. 10, aperture120 is generally vertically aligned with window 68, and aperture 122 isgenerally aligned with window 70. In an exemplary embodiment, apertures120 and 122 each have a translucent or transparent lens positionedtherein to minimize risk of introduction of dirt or other contaminantsinto the interior of the cover 124.

As can be appreciated from FIGS. 6 and 8, when the chest door 18 isdosed and the second fascia portion 22 is moved to the operativeposition, the illumination sources 118 are 5 positioned in generallyaligned relation with apertures 120 and 122. As a result theillumination of the illumination devices is operative to cause light tobe transmitted through the respective aperture and to illuminate thetransaction area within the corresponding recessed pocket.

In operation of an exemplary embodiment, the controller executesprogrammed instructions so as to initiate illumination of eachtransaction area at appropriate times during the conduct oftransactions. For example in the exemplary embodiment if the user isconducting a cash withdrawal transaction, the controller may initiateillumination of the delivery area 52 when the cash is delivered thereinand is available to be taken by a user. Such illumination draws theuser's attention to the need to remove the cash and will point out tothe user that the cash is ready to be taken. In the exemplary embodimentthe controller is programmed so that when the user takes the cash themachine will move to the next transaction step. After the cash is sensedas taken, the controller may operate to cease illumination of thedelivery area 56. Of course these approaches are exemplary.

Likewise, in an exemplary embodiment, if a user of the machine indicatesthat they wish to conduct a deposit transaction, the controller maycause the machine to operate to initiate illumination of the depositacceptance area 58. The user's attention is drawn to the place wherethey must insert the deposit envelope in order to have it be accepted inthe machine. In the exemplary embodiment the controller may operate toalso illuminate the illumination panel 62 to illuminate the depositenvelope providing opening 48 so that the user is also made aware of thelocation from which a deposit envelope may be provided. In an exemplaryembodiment the controller may operate to cease illumination through thewindow 70 and/or the illumination panel 62 after the deposit envelope isindicated as being sensed within the machine.

In alternative embodiments other approaches may be taken. This mayinclude for example drawing the customer's attention to the particulartransaction area by changing the nature of the illumination in therecessed pocket to which the customer's attention is to be drawn. Thismay be done for example by changing the intensity of the light, flashingthe light, changing the color of the light or doing other actions whichmay draw a user's attention to the appropriate transaction area.Alternatively or in addition, a sound emitter, vibration, projectingpins or other indicator may be provided for visually impaired users soas to indicate to them the appropriate transaction area to which thecustomer's attention is to be drawn. Of course these approaches areexemplary and in other embodiments other approaches may be used.

As previously discussed the exemplary embodiment of machine 10 is alsooperative to draw a user's attention at appropriate times to the cardreader slot 28. Machine 10 also includes features to minimize the riskof unauthorized interception of card data by persons who may attempt toinstall a fraud device such as an unauthorized card reading device onthe machine. As shown in FIG. 9, the exemplary card slot 28 extendsthrough a card slot housing 66 which extends in generally surroundingrelation of the card slot. It should be understood that although thehousing 66 generally bounds the entire card slot, in other embodimentsthe principles described herein may be applied by bounding only one ormore sides of a card slot as may be appropriate for detectingunauthorized card reading devices. Further, it should be understood thatwhile the exemplary embodiment is described in connection with a cardreader that accepts a card into the machine, the principles beingdescribed may be applied to types of card readers that do not accept acard into the machine, such as readers where a user draws the cardthrough a slot, inserts and removes a card manually from a slot,bringing a card or a card containing device that 20 can communicatewirelessly in proximity to a reading device and other card readingstructures.

In the exemplary embodiment the housing 66 includes a plurality ofradiation emitting devices 126. The radiation emitting devices emitvisible radiation which can be perceived by a user of the machine.However, in other embodiments the radiation emitting devices may includedevices which emit nonvisible radiation such as infrared radiation, butwhich nonetheless can be 25 used for sensing the presence ofunauthorized card reading devices adjacent to the card slot. In theexemplary embodiment the controller operates to illuminate the radiationemitting devices 126 at appropriate times during the transactionsequence. This may include for example times during transactions when auser is prompted to input the card into the machine or alternativelywhen a user is prompted to take the card from the card slot 28. Invarious embodiments the controller may be programmed to provide solidillumination of the radiation emitting devices or may vary the intensityof the devices as appropriate to draw the user's attention to the cardslot.

In the exemplary embodiment the card slot housing 66 includes thereinone or more radiation sensing devices 128. The radiation sensing devicesare positioned to detect changes in 5 at least one property of theradiation reflected from emitting devices 126. The sensing devices 128are in operative connection with the controller. The controller isoperative responsive to its programming to compare one or more valuescorresponding to the magnitude and/or other properties or radationsensed by one or more of the sensors, to one or more stored values andto make a determination whether the comparison is such that there is aprobable unauthorized card reading device installed on the fascia of themachine. In some embodiments the controller may be operative to executefuzzy logic programming for purposes of determining whether the naturesof the change in reflected radiation or other detected parameters aresuch that there has been an unauthorized device installed and whetherappropriate personnel should be notified.

FIG. 10 shows a side view of the housing 66. An example of a frauddevice which comprises unauthorized card reading device 130 is shownattached externally to the housing 66. The unauthorized card readingdevice includes a slot 132 generally aligned with slot 128. The device130 also includes a sensor shown schematically as 134 which is operativeto sense the encoded magnetic flux reversals which represent data on themagnetic stripe of a credit or debit card. As can be appreciated, anarrangement of the type shown in FIG. 10 enables the sensor 134 ifproperly aligned adjacent to the magnetic stripe of a card, to read thecard data as the card passes in and out of slot 128. Such anunauthorized reading device may be connected via radio frequency (RF) orthrough inconspicuous wiring to other devices which enable interceptionof the card data. In some situations criminals may also endeavor toobserve the input of the user's PIN corresponding to the card data so asto gain access to the account of the user.

As can be appreciated from FIG. 10 the installation of the unauthorizedcard reading device 130 changes the amount of radiation from emittingdevices 126 and that is reflected or otherwise transmitted to thesensors 128. Depending on the nature of the device and its structure,the amount or other properties of radiation may increase or decrease.However, a detectable change will often occur in the magnitude or otherproperties of sensed radiation between a present transaction and a priortransaction which was conducted prior to an unauthorized card readingdevice being installed. Of course the sensing of the magnitude ofradiation is but one example of a property of radiation that may besensed as having changed so as to indicate the presence of anunauthorized reading device.

FIG. 11 demonstrates an exemplary simplified logic flow executed by acontroller for detecting the installation of an unauthorized cardreading device. It should be understood that this transaction logic ispart of the overall operation of the machine to carry out transactions.In this exemplary logic flow, the machine operates to carry out cardreading transactions in a normal manner and to additionally execute therepresented steps as a part of such logic each time a card is read. Froman initial step 136 the controller in the machine is operative to sensethat a card is in the reader within the machine in a step 138. Generallyin these circumstances the controller will be operating the radiationemitting devices 126 as the user has inserted their card and the cardhas been drawn into the machine. In this exemplary embodiment thecontroller continues to operate the radiation emitting devices andsenses the radiation level or levels sensed by one or more sensors 128.This is done in a step 140.

The controller is next operative to compare the signals corresponding tothe sensed radiation levels to one or more values in a step 142. Thiscomparison may be done a number of ways and may in some embodimentsexecute fuzzy logic so as to avoid giving false indications due toacceptable conditions such as a user having the user's finger adjacentto the card slot 28 during a portion of the transaction. In the case ofa user's finger for example, the computer may determine whether anunauthorized reading device is installed based on the nature, magnitudeand changes during a transaction in sensed radiation, along withappropriate programmed weighing factors. Of course various approachesmay be used within the scope of the concept discussed herein. However,based on the one or more comparisons in step 142 the controller isoperative to make a decision at step 144 as to whether the sensedvalue(s) compared to stored value(s) compared in step 142 have adifference that is in excess of one or more thresholds which suggestthat an unauthorized card reading device has been installed.

If the comparison does not indicate a result that exceeds thethreshold(s) the transaction devices are run as normal as represented ina step 146. For example, a customer may be prompted to input a PIN, andif the card data and PIN are valid, the customer may be authorized toconduct a cash dispensing transaction through operation of the machine.Further in the exemplary embodiment, the controller may operate toadjust the stored values to some degree based on the more recentreadings. This may be appropriate in order to compensate for the effectsof dirt on the fascia or loss of intensity of the emitting devices orother factors. This is represented in a step 148. In step 148 thecontroller operates the machine to conduct transaction steps in theusual manner as represented in a step 150.

If in step 144 the difference between the sensed and stored valuesexceeds the threshold(s), then this is indicative that an unauthorizedcard reading device may have been installed since the last transaction.In the exemplary embodiment when this occurs, the controller isoperative to present a warning screen to the user as represented in astep 152. This warning screen may be operative to advise the user thatan unauthorized object has been sensed adjacent to the card reader slot.This may warn a user for example that a problem is occurring.Alternatively if a user has inadvertently placed innocently some objectadjacent to the card reader slot, then the user may withdraw it. Inaddition or in the alternative, further logic steps may be executed suchas prompting a user to indicate whether or not they can see theradiation emitting devices being illuminated adjacent to the card slotand prompting the user to provide an input to indicate if such items arevisible. Additionally or in the alternative, the Illuminating deviceswithin the housing 66 may be operative to cause the emitting devices tooutput words or other symbols which a user can indicate that they cansee or cannot see based on inputs provided as prompts from outputdevices of the machine. This may enable the machine to determine whetheran unauthorized reading device has been installed or whether the sensedcondition is due to other factors. It may also cause a user to note theexistence of the reading device and remove it. Of course variousapproaches could be taken depending on the programming of the machine.

If an unauthorized reading device has been detected, the controller inthe exemplary embodiment will also execute a step 154 in which a statusmessage is sent to an appropriate service provider or other entity toindicate the suspected problem. This may be done for example through useof a system like that shown in U.S. Pat. No. 5,984,178 the entiredisclosure of which is herein incorporated by reference. Alternativelymessages may be sent to system addresses in a manner like that shown inU.S. Pat. No. 6,289,320 the entire disclosure of which is also hereinincorporated by reference. In a step 156 the controller will alsooperate to record data identifying for the particular transaction inwhich there has been suspected interception of the card holder's carddata. In addition or in the alternative, a message may be sent to thebank or other institution alerting them to watch for activity in theuser's card account for purposes of detecting whether unauthorized useis occurring. Alternatively or in addition, some embodiments may includecard readers that change, add or write data to a user's card in cases ofsuspected interception. Such changed data may be tracked or otherwiseused to assure that only a card \it.l). the modified data is useablethereafter. Alternatively or in addition, in some embodiments themodified card may be moved in translated relation, moved irregularly orotherwise handled to reduce the risk that modified data is interceptedas the card is output from the machine. Of course these approaches areexemplary of many that may be employed.

In the exemplary embodiment the machine is operated to conduct atransaction even in cases where it is suspected that an unauthorizedcard reading device has been installed. This is represented in a step158. However, in other embodiments other approaches may be taken such asrefusing to conduct the transaction. Other steps may also be taken suchas capturing the user's card and advising the user that a new one willbe issued. This approach may be used to minimize the risk thatunauthorized transactions will be conducted with the card data as thecard can be promptly invalidated. Of course other approaches may betaken depending on the programming of the machine and the desires of thesystem operator. In addition while the fraud device shown is anunauthorized card reading device, the principles described may also beused to detect other types of fraud devices such as for example falsefascias, user interface covers and other devices.

In some embodiments additional or alternative features and methods maybe employed to help detect the presence of unauthorized card readingdevices or other attempted fraud devices in connection with the machine.For example in some embodiments an oscillation sensor may be attached tothe machine to detect changes in frequency or vibration that result fromthe installation of unauthorized devices on the machine. FIG. 10 showsschematically an oscillator 127 attached to the interior surface of themachine fascia. Oscillator 127 may be operative responsive to thecontroller and suitable vibration circuitry to impart vibratory motionto the fascia in the vicinity of the card reader slot. A sensor 129 isin operative connection with the fascia and is operative to sense atleast one parameter of the motion imparted to the fascia by theoscillator 127. Although oscillator 127 and sensor 129 are shown asseparate components, it should be understood that in some embodimentsthe functions of the components may be performed by a single device.

The sensor 129 is in operative connection with the controller of themachine through appropriate circuitry. The controller selectivelyactivates the oscillator and the sensor 129 is operative to sense theresulting movement of the fascia caused by the oscillation. Theinstallation of an unauthorized card reading device or other frauddevice on the machine will generally result in a change in at least oneproperty being sensed by the sensor 129. This may include changes inamplitude, frequency or both. Alternatively or in addition, someembodiments may provide for the oscillator to impart vibrationcharacteristics of various types or vibratory motion through a range offrequencies and/or amplitudes. Sensed values for various oscillatorydriving outputs may then be compared through operation of the controllerto one or more previously stored values. Variances from prior values maybe detected or analyzed through operation of the controller andnotifications given in situations where a change has occurred whichsuggests the installation of an unauthorized device.

In some embodiments the controller may cause the oscillator and sensorto operate periodically to sense for installation of a possibleunauthorized device. Alternatively, the controller may cause such acheck to be made during each transaction. Alternatively in someembodiments oscillation testing may be conducted when a possibleunauthorized device is detected by sensing radiation properties. Thecontroller can operate to take various actions in response to sensing apossible unauthorized reading device through vibration, radiation, orboth. For example, detecting a possible fraud device by both radiationand oscillation may warrant taking different actions than only detectinga possible fraud device through only one test or condition.

In some embodiments the controller may be programmed to adjust thethresholds or other limits used for resolving the presence of a possiblefraud device for responses to changes that occur over time at themachine. This may include for example adjusting the thresholds forindicating possible fraud conditions based on the aging of theoscillator or the sensor. Such adjustments may also be based onparameters sensed by other sensors which effect vibration properties.These may include for example, the fascia temperature, air temperature,relative humidity and other properties. Of course readings from theseand other sensors may be used to adjust thresholds of the oscillationsensor, radiation sensor or other fraud device sensors. Variousapproaches may be taken depending on the particular system.

In some embodiments the oscillator may additionally or alternatively beused to prevent the unauthorized reading of card reader signals. Thismay be done for example when the banking machine has a device whichtakes a user card into the machine for purposes of reading data on 10the card. In such embodiments the controller may operate to vibrate thearea of the fascia adjacent to the card reader slot when a user's cardis moving into and/or out of the slot. In such cases the vibration maybe operative to cause the generation of noise or inaccurate reading byan unauthorized card reading sensor so as to make it more difficult tointercept the card stripe data using an unauthorized reading device. Insome embodiments such vibration may also serve to 15 disclose or makemore apparent the presence of unauthorized card reading devices. Ofcourse these approaches are exemplary and in other embodiments otherapproaches may be used.

In some exemplary embodiments provision may be made for detecting thepresence of unauthorized input sensing devices for sensing a user'sinputs through the keypad on the machine. Such unauthorized inputsensing devices may be used by criminals to sense the PIN input by theuser. Detecting unauthorized devices may be accomplished by providingappropriate sensing devices in or adjacent to the keypad. Such sensingdevices may be operative to detect that a structure has been placed overor adjacent to the keypad. Such sensors may be in operative connectionwith the controller in the machine or other devices which are operativeto determine the probable installation of such an unauthorized inputsensing device. In response to determining the probable installation ofsuch a device, the controller may be operative in accordance with itsprogramming to provide notification to appropriate entities, modify theoperation of the machine such as to disable operation or prevent certainoperations, or to take other appropriate actions.

FIG. 12 shows the cross-sectional view of exemplary keypad 32. Keypad 32is shown schematically, and it should be understood that not all of thecomponents of the keypad are represented. Keypad 32 includes a pluralityof keys 250. Keys 250 are moveable responsive to pressure applied by auser's finger to provide an input corresponding to alphabetical ornumerical characters. Extending between some of the keys 250 are areasor spaces 252. Extending in spaces 252 are sensors 254. In the exemplaryembodiment the sensors 254 are radiation type sensors, but as previouslydiscussed, in other embodiments other approaches may be used. Overlyingthe sensors 254 is all cuter layer 256. In the exemplary embodiment,layer 256 is translucent or otherwise comprised of material so as topartially enable the transmission of radiation from the sensorstherethrough.

As represented in FIG. 13, the exemplary sensors 254 include a radiationemitter 258 and a radiation receiver 260. During operation the radiationemitter is operative to output radiation that is at least partiallyreflected from the inner surface of layer 256. The reflected radiationis received by the receiver 260. Corresponding electrical signals areproduced by the receiver, and such signals are transmitted throughappropriate circuitry so as to enable the controller to detect thechanges in signals that correspond to probable presence of anunauthorized reading device.

FIG. 14 is a schematic view of an unauthorized input intercepting device262 that has been positioned in overlying relation of a keypad 32. Theinput intercepting device 262 includes false keys 264 which are moveableand which are operatively connected to the corresponding keys 250 of thekeypad. In the exemplary embodiment, input intercepting device 262includes sensors which are operative to detect which of the false keys264 have been depressed by a user. Because the depression of the falsekeys is operative to actuate the actual keys 250, the ATM is enabled tooperate with the device 262 in place. Input intercepting device 262 inexemplary embodiments may include a wireless transmitter or othersuitable device for transmitting the input signals to a criminal who mayintercept such inputs.

As represented in FIG. 19, the input intercepting device 262 includesportions 267 which extend in the areas 252 in overlying relation oflayer 256. As represented in FIG. 15, the portion of the inputintercepting device extending in overlying relation of the layer 256 isoperative to cause a change in the amount of radiation from the emitter258 that is reflected and sensed by the receiver 260 of the sensor. Thisis because the overlying portion will have different radiationreflecting or absorbing characteristics which will change the radiationreflective properties of the layer 256 compared to when no such inputintercepting device is 5 present. Thus the installation of theunauthorized input intercepting device can be detected.

In some exemplary embodiments the controller may be operative to sensethe level of reflected radiation at the sensors periodically. This maybe done, for example, between transactions when a user is not operatingthe terminal. This may avoid giving a false indication that anunauthorized input intercepting device has been installed when a user isresting a hand or some other item adjacent to the keypad during atransaction. Of course in other embodiments sensor readings can be takenand compared during transactions to prior values stored in a data storeto determine if a change lasting longer than normal has occurred whichsuggests that an unauthorized input intercepting device has beenInstalled rather than a user has temporarily placed their hand or someother item adjacent to the keypad. For example, in some exemplaryembodiments the controller may not resolve that there is a probableunauthorized input intercepting device on the machine until asignificant change from a prior condition is detected in the radiationproperties adjacent to the keypad on several occasions both during atransaction and thereafter. Alternatively or in addition, a controllermay be operative to determine that an improper device has been installedas a result of changes that occur during a time when no transactionshave occurred. Alternatively in other embodiments, the controller mayoperate to sense and analyze signals from the sensors responsive todetecting inputs from other sensors, such as for example an ultrasonicsensor which senses that a person has moved adjacent to the machine buthas not operated the machine to conduct a transaction. Of course theseapproaches are merely exemplary of many approaches that may be used.

It should be understood that although in the exemplary embodimentradiation type sensors are used for purposes of detection, in otherembodiments other types of sensors may be used. These include, forexample, inductance sensors, capacitance sensors, sonic sensors, RFsensors, or other types of sensing approaches that can be used to detectthe presence of material in locations that suggest an unauthorized inputintercepting device being positioned adjacent to the keypad. Further, insome embodiments the controller or other circuitry associated with thesensors may be operative to make adjustments for normal changes that mayoccur at the machine. These may include, for example, changes with timedue to aging of emitters, the buildup of dirt in the area adjacent tothe keypad, weather conditions, moisture conditions, scratching of thesurface of the sensing layer, or other conditions which may normallyoccur. Appropriate programs may be executed by the controller or othercircuitry so as to recalibrate and/or compensate for such conditions asmay occur over time while still enabling the detection of a rapid changewhich is sufficiently significant and of such duration so as to indicatethe probable installation of an unauthorized input intercepting device.Of course these approaches are exemplary of many approaches that may beused.

In other embodiments other or additional approaches to detectingfraudulent reading or other improper activities may be used. Forexample, in some embodiments the fascia of the banking machine may besubject to observation within a field of view of one or more imagingdevices such as camera 131 schematically represented in FIG. 10. Camera15 may be in operative connection with an image capture system of thetype shown in U.S. Pat. No. 6,583,813, the entire disclosure of which isherein incorporated by reference.

In some embodiments the controller and/or an image capture system may beoperative to execute sequences of activities responsive to triggeringevents that may be associated with attempts to install or operate frauddevices. For example, the presence of a person in front of the bankingmachine may be sensed through image analysis, weight sensors, sonicdetectors or other detectors. The person remaining in proximity to themachine for a selected period or remaining too long after a transactionmay constitute a triggering event which is operative to cause the systemto take actions in a programmed sequence. Such actions may includecapturing images from one or more additional cameras and/or moving imagedata from one or more cameras from temporary to more permanent storage.The sequence may also include capturing image data from the fascia totry to detect tampering or improper devices. Radiation or vibrationtests may also be conducted as part of a sequence. Notifications and/orimages may also be sent to certain entities or system addresses. Ofcourse these actions are exemplary.

In some exemplary embodiments the controller of the machine or otherconnected computers may be operatively programmed to analyze conditionsthat are sensed and to determine based on the sensed conditions that afraud device is installed. Such a programmed computer may be operativeto apply certain rules such as to correlate the repeated sensing ofabnormal conditions with a possible fraud or tampering condition and toconduct tests for the presence of fraud devices. Such events mayconstitute soft triggers for sequences or other actions to detect andreduce the risk of fraud devices. Of course these approaches are merelyexemplary and in other embodiments other approaches may be used.

In some embodiments the machine may include sensors adapted to interceptsignals from unauthorized card readers or customer input interceptingdevices. For example, some fraud devices may operate to transmit RFsignals to a nearby receiver operated by a criminal. The presence ofsuch RF signals in proximity to the machine may be indicative of theinstallation of such a device. Such signals may be detected byappropriate circuitry and analyzed through operation of the machinecontroller or other processor, and if it is determined that it isprobable that such a device is installed, programmed actions may betaken.

For example, in some embodiments suitable RF shielding material may beapplied to or in the fascia to reduce the level of RF interference fromdevices within the machine at the exterior of the fascia. Antennas orother appropriate radiation sensing devices may be positioned adjacentto or installed on the fascia. A change in RF radiation in the vicinityof the fascia exterior may result upon the installation of anunauthorized device. The RF signals can be detected by receivercircuitry, and signals or data corresponding thereto input to aprocessor. In some embodiments the circuitry may also determine thefrequency of the radiation sensed to be used in resolving if it iswithin the range emitted by legitimate devices such as cell phones ofusers operating the machine. In other embodiments the circuitry mayanalyze the signals to determine if they are varying, and the circuitryand/or the processor may evaluate whether the changes in a signalcorrespond to the input of a PIN or a card to the machine.

In response to the sensed signal data, the processor may operate inaccordance with its programming to evaluate the nature and character ofthe intercepted signals. For example, if the signals do not correspondto a legitimate source, such as a cell phone, the processor may operateto take actions such as to wholly or partially cease operation of themachine, capture images with a camera, and/or notify an appropriateremote entity through operation of the machine. Alternatively, theprocessor may compare the sensed RF signals to transaction activity atthe machine. If the sensed signals are determined to be varying in waysthat correspond in a pattern or relationship to card or PIN inputs, forexample, the processor may operate in accordance with its programming tocause the machine or other devices to take appropriate programmed steps.

In still other exemplary embodiments the processor may be in operativeconnection with an RF emitter. The processor may operate in accordancewith its programming to cause the emitter to generate RF signals thatinterfere with the detected signals. This can be done on a continuingbasis or alternatively only at times during user operation of themachine when user inputs are likely to be intercepted. For example, theprocessor controlling the emitter may operate the machine or be incommunication with a controller thereof. In such situations, theprocessor may operate to control the emitter to produce outputs at timeswhen a user's card is moving into or out of a card slot, and/or when themachine is accepting a user's PIN or other inputs. Thus, the emitter maybe operative to produce interfering signals during relatively briefperiods so as to not disrupt RF transmissions for an extended period inthe event an incorrect determination is made and the RF signals are froma legitimate source.

In some embodiments an emitter may be a type that transmits on aplurality of frequencies intended to disrupt transmissions within theexpected range of frequencies for a fraud device. In other embodimentsthe emitter may be controlled responsive to the processor to match thefrequency or frequencies of suspect signals that have been detected. Ofcourse these approaches are exemplary of approaches that may be used.Some example embodiments may use features like those described in U.S.patent application Ser. No. 13/200,697 filed Sep. 28, 2011, thedisclosure of which is incorporated herein by reference in its entirety.

In still some other embodiments the risk of interception of customerinputs to an automated banking machine may be reduced by using types ofinput devices that reduce or eliminate user contact with the machine. Byreducing such user contact the possibilities for interception of userinputs may be reduced. For example in some embodiments the at least onecontroller of the automated banking machine may operate computerexecutable instructions which comprise eye tracking software. Eyetracking software may operate to determine from visible features of theuser's eyes, where the user is looking. This may be done in exemplaryembodiments by having infrared or near infrared emitters directed to anarea of the user's eyes and positioning cameras or other image capturedevices which can detect the reflected radiation from the user's eyes.By having such emitters and image capture devices adjacent to thedisplay of the machine, the at least one controller in the machine isoperative to determine the area on the display to which the user's eyeor eyes are directed. This can be accomplished for example using eyetracking software available from Tobii Technology of Stockholm, Swedenthat is sold under the trademark My Tobii. Of course this is but one ofmany commercial products that may be used for this purpose.

In exemplary embodiments the at least one controller in the machine maybe operated to receive inputs such as a user's PIN by tracking where anautomated banking machine user is looking. This may be done in anexemplary embodiment by the controller operating to provide outputindicia on the display that instructs the user to gaze at certainfeatures presented on the display. For example the display may outputdifferent colored rectangles in the corners thereof. The user may beprompted to gaze at each of the specific rectangles at different times.By detecting the reflected radiation from the user's eyes as the userlooks at each of the rectangles, the at least one controller is able todetermine where the user is currently looking.

Thereafter in an exemplary embodiment the user may be prompted to lookat characters 20 or other indicia output on the screen and to select insequence the ones which correspond to the user's PIN by gazing at eachspecific one and then blinking. In this way the user can gaze at theindicia corresponding to each of the characters of the PIN number andselect each character in the proper order by blinking. In someembodiments this may be done by presenting all of the possiblecharacters on a single output screen through the display while in otherembodiments a subset of characters may be output in a plurality ofdifferent display screens. Further in exemplary embodiments the displaymay provide an output such as a star symbol each time that the user issensed by the machine as having selected a character of a PIN number. Ofcourse this is merely an exemplary approach.

In some exemplary embodiments the display may also include indicia suchas a rectangle which a user can gaze at after they have input all of thecharacters of their PIN number. This provides an input to the machine sothat the machine can then operate to attempt to process a transactionusing the characters that the customer has input. In addition in someembodiments the at least one controller may cause the display to outputa rectangle or other indicia that a user can select to reset their PINinputs. Thus for example, if the user happens to involuntarily blink ina manner which causes an erroneous input which does not correspond to acharacter of their PIN, the user can correct the error by resetting theinputs and start over.

In such exemplary embodiments because the movement of the user's eyes isnot perceptible from vantage points that are observable by a thirdparty, it is more difficult to intercept the customer's PIN input.Further in some embodiments even micro cameras which are surreptitiouslymounted on the machine would generally not be effective to enablecriminals to determine the user's PIN inputs based on observation of theuser through the camera.

It should be understood that while this exemplary approach is describedin connection with a user providing a PIN or other secret code to anautomated banking machine, the principles may be used for receivingother inputs from banking machine users. This may include for exampleenabling users to provide transaction instructions to the machine. Suchtransaction instructions may include for example selecting transactiontypes and amounts. This may be accomplished in some embodiments by theat least one controller operating to present different transactionoptions as text in rectangles or other indicia on the screen. The usermay operate to select one of the transaction options by gazing at it andblinking their eyes. Likewise amounts may be selected by presenting arepresentation of the numerical keypad through the display in responseto operation of the controller. The user can then present inputscorresponding to numerical amounts by gazing at selected numerals andthen blinking. Numerous types of inputs may be provided in this manner.

Further it is to be understood that while in this exemplary embodimentthe approach of providing inputs has been discussed as the user gazingat a particular rectangular icon or other indicia on the screen and thenblinking, in other embodiments other approaches may be used. This mayinclude for example the user providing a machine input by looking at aparticular item of indicia on the screen for more than a predeterminedtime so as to select it. Alternatively selections may be made throughother eye movements such as moving the eye in a cross pattern centeredon the particular item of indicia output on the display. Numerousapproaches may be used employing the principles described.

In some exemplary embodiments the machine 10 is provided with enhanceddiagnostic capabilities as well as the ability for servicers to morereadily perform remedial and preventive maintenance on the machine. Thisis accomplished in an exemplary embodiment by programming the controllerand/or alternatively distributed controllers and processors associatedwith the transaction function devices, to sense and capture diagnosticdata concerning the operation of the various transaction functiondevices. In an exemplary embodiment this diagnostic data may includemore than an indication of a disabling malfunction. In some embodimentsand with regard to some transaction function devices, the data mayinclude for example instances of speed, intensity, deflection, vacuum,force, friction, pressure, sound, vibration, wear or other parametersthat may be of significance for purposes of detecting conditions thatmay be developing with regard to the machine and the transactionfunction devices contained therein. The nature of the diagnostic datathat may be obtained will depend on the particular transaction functiondevices and the capabilities thereof as well as the programming of thecontrollers within the machine.

An exemplary embodiment includes an automated banking machine securityarrangement. The automated banking machine (e.g., ATM) includes a GlobalPositioning System (GPS). A machine with GPS can include self-servicefeatures enabling a user of the machine to carry out transactions. Aspreviously discussed, a machine can include a cash dispenser permittinga cash withdrawal transaction. As explained in more detail later, GPS(or some other position indicator) also enables more efficient servicingof a machine. Systems and methods related to the monitoring, status, andservicing of machines may be found in U.S. Pat. No. 5,984,178, theentire disclosure of which is herein incorporated by reference.

An automated banking machine (or each machine in a network of machines)can be embedded with a GPS transceiver. The operation of a GPS is wellknown and need not be discussed in detail herein. The GPS module or unitcan identify the geographical position of the machine by using acoordinate system. For example, the GPS unit can read its latitude andlongitude coordinates with the use of one or more satellites. A machinewith GPS technology allows the machine to annunciate its location. Themachine can emit its coordinates through a variety of knowncommunication mechanisms and methods.

In an exemplary arrangement, a machine is provided with GPS to permittracking of the machine. The tracking can be beneficial in maintainingaccurate location information on a plurality of machines, especially ifcertain machines are moved during their lifetime. As explained in moredetail herein, tracking ca . . . ‘1 also be used to thwart thieves whoare able to pickup and remove an entire unit.

A GPS unit (including an antenna) can be built into a machine so thatthe GPS cannot be dismantled. The GPS can be connected with a machine ina manner ensuring that the positional information (i.e., coordinates) ofthe machine can continue to be conveyed. For example, criticalcomponents of the GPS (and machine) can be battery backed to enableconveyance of the unit's position. This arrangement permits a GPSdisconnected from its main power source to still have the ability toaccurately obtain from one or more satellites the machine position. TheGPS unit may comprise a satellite phone.

A computer or controller associated with the machine can request areading of location data from the GPS unit. It should be understood thatfor purposes of brevity, herein a “computer” may comprise one or morecomputers or processors, whether in a single device or distributed amongseveral devices. The GPS unit can obtain the machine positioncoordinates from one or more satellites. The machine computer canreceive the location data from the GPS unit. The machine can transmitits GPS-obtained position to a service monitoring (or responsible for)the security of the machine. The security monitoring service center mayoversee the monitoring of plural GPS-equipped machines. Communicationbetween a machine and the security center (which may be the hostcomputer associated with the machine) can be carried out in a knownmanner of communication, including the use of a phone line, aproprietary line, a wireless system, a satellite system, a network, anintranet, and/or the Internet. Critical components in the machine canalso be battery backed to ensure communication with the GPS unit and thesecurity center. A computer software program operating at the securitycenter (or in the machine) can be used to determine if the normallystationary (or fixed) terminal has been improperly moved.

FIG. 16 shows a shared security/monitoring arrangement 300 for pluralmachines. The arrangement 300 includes a satellite 302, machines 304,306, 308 with respective GPS units 310, 5 312, 314, and asecurity/monitoring center 316. As previously discussed, the machines304, 306, 308 can obtain a GPS reading via the satellite 302 and thentransmit the read data to the security center 316. For example, a GPSreading may be obtained with a satellite phone which is able to transmitthe GPS data to a web site accessible by the security center computer.The security center 316 can include many different types ofcommunication devices, including a cell phone system 318.

A stolen machine having GPS technology enables movement of the stolenmachine to be tracked. One or more computers operating in conjunctionwith a security center enable the current position of a moving machineto be tracked in real time. Software operating in a security centercomputer can be used to present the individual GPS-reported machinepositions as a simultaneous path of travel. The software can overlay thetravel path of a stolen machine onto a road map of the surrounding area.Authorities can be kept informed as to the route of the tracked machine.The real time overlay map can also be downloaded (e.g., via theInternet) from the security center to the authorities (e.g., police).The monitoring arrangement permits a stolen machine with GPS to berecovered.

The security center can be in operative connection with a databasecontaining the locations of respective machines stored in memory. Thesecurity center can use a computer (e.g., a host computer) to compare areceived machine GPS location to the stored location assigned to thatparticular machine. If the compared locations do not substantiallymatch, then the computer can determine that the machine was stolen and,responsive thereto, cause proper action to be initiated. The comparisonmay include a predetermined percentage error range to compensate for GPSreading calibrations, fluctuations, deviations, and other factors.Additional GPS location data readings and location comparisons may beperformed to ensure accuracy before a final determination on theft ismade.

FIG. 17 shows steps in a process of comparing read GPS location data tostored machine location data. Location data for a plurality of machines(i.e., ATM #1 to ATM #N) is stored in a database 320. Stored data 322includes location data corresponding to the fixed or assigned locationof ATM #1 (e.g., machine 304). Stored data 324 includes location datacorresponding to the fixed location of ATM #2 (e.g., machine 306). GPSdata 326 was obtained using the GPS unit of ATM #1. The location data inthe stored data 322 for ATM #1 is compared to the GPS location data 326for ATM #1 by using a computer 328, which may be in the security center316. If the comparison results in a corresponding “Yes” match, the ATM#1 is determined as secure.

However, if the comparison does not result in a corresponding match,then the security status of ATM #1 is determined as stolen. Following a“No” match, at least one of the response actions 332, 334, 336, 338 canbe executed, as explained in more detail later. That is, response to adetermination of theft one or more actions can be initiated, includingnotifying 332 the authorities about the theft, firing 334 dye packslocated in the stolen machine, tripping 336 an alarm in the stolenmachine, and/or tracking 338 movement of the stolen machine. It shouldbe understood that a security center 316 can include the database 320and the computer 328, and cause commencing of the actions 332, 334, 336,338. Alternatively, the database 320 can be remotely located from thesecurity center 316, yet in operative connection therewith to enable thesecurity center to request and receive location data from the database(and store data in the database).

The GPS location analysis performed by the security center 316 for aparticular machine can be used to cause the firing of dye packs in thatparticular machine. FIG. 18 shows the machine 304 including a securechest or safe portion 340. The chest 340 includes a dye pack 342adjacent to cash 344 in a currency dispenser 346. The cash 344 may be ina currency cassette in the currency dispenser 346. The chest 340 alsoincludes a dye pack 348 adjacent to cash 350 in a cash deposit bin 352.The cash deposit bin 352 can hold cash that was deposited by machineusers or cash that was not taken following a cash withdrawaltransaction. The GPS transceiver 310 and a machine computer 354 are alsoshown. The computer 354 can cause firing of the dye packs 342, 348. Thecomputer 354 can be instructed by the security center 316 to fire thedye packs 342, 348. The example machine 304 further includes movementsensors 360, 362. Although the GPS unit 310 and the computer 354 areshown in the upper portion 356 of the housing 358, it should beunderstood that they may be situated inside of the secure chest portion340 of the housing (e.g., like GPS unit 314).

Different communication methods can be used in carrying out thedetermination of whether a machine was stolen. In one arrangement themachine computer 354 can periodically obtain a regularly time-basedlocation reading from the GPS unit 310 (i.e., predetermined readingtimes). In another arrangement the computer 354 can continuously receiveupdated GPS data from the GPS unit 310. The machine 304 (or the GPS unit310) can transmit the read GPS location information to the securitycenter 316. The security center 316 analyzes the transmitted GPSlocation information (e.g., by performing the previously discussedlocation comparisons) to determine if inappropriate movement (e.g.,theft) involving the machine 304 has occurred. As previously discussed,response actions 332, 334, 336, 338 can also be initiated via thesecurity center 316.

In another arrangement the machine 304 can use the sensors 360, 362(e.g., motion detectors) to detect movement (e.g., tilt, lateral,vertical, and/or horizontal movement) of the machine 304. The computer354 is in operative connection with the sensors 360, 362 to receiveinformation therefrom. In response to a sensed machine movement, thecomputer 354 can take action to thwart the suspected theft of themachine 304. For example, the computer 354 can cause the dye packs 342,348 to be fired. The computer 354 may notify the security center 316 ofthe sensed machine movement. As previously discussed, the securitycenter 316 can initiate response actions 332, 334, 336, 338 to thwartthe suspected theft of the machine.

Alternatively, an analysis of GPS location information can be used toverify whether or not the sensed machine movement was the result of themachine 304 being illegally moved from its expected location or becauseof some other disturbance (e.g., an earthquake). In response to a sensor360, 362 detecting movement of the machine 304, the computer 354 canrequest a location reading from the GPS unit 310. The machine 304transmits the acquired GPS location data 326 to the computer 328associated with the security center 316. Again, the security center 316can compare (as previously discussed) the GPS location data 326 tostored location data 372 to determine whether the particular machine 304(i.e., ATM #1) was actually moved from its foundation. Thus, bothmovement sensors 360, 362 and GPS 310 can be used together to accuratelydetermine whether or not a machine was stolen.

In a further arrangement the plurality of machines 304, 306, 308 eachinclude a wireless cell phone. FIG. 18 shows the machine 304 including acell phone system 366. The computer 354 is in operative connection withthe cell phone 366. Each machine can use their cell phone to call thesecurity center 316, which includes the cell phone system 318. Eachmachine is also operative to receive calls from the security center 316.The security center cell phone system 318 is operative to simultaneouslycommunicate with plural machines via their cell phones.

The security center 316 is in operative connection with a databasehaving memory for storage of cell calling area information correspondingto each respective machine cell phone. The stored cell calling areainformation can be in previously discussed database 320 or it can be ina separate cell database. FIG. 19 depicts an expanded portion of thedatabase 320 showing additional machine information. The previouslydiscussed stored data 322 corresponding to ATM #1 is also depicted. ForATM #1 the identity data 370 is stored in corresponding relationshipwith the machine's location data 372, cell phone number data 374, andcall cell data 376. The database 320 enables the identity 370 of amachine to be ascertained via its stored location data 372 or by itsstored cell phone number data 374. Likewise, a machine location 372 canbe identified via its cell phone number 374, and vice versa. That is, inthe database 320 each machine cell phone number is also stored incorresponding relationship with a respective cell calling area. Forexample, phone number data 374 is stored in relation with cell data 376.

The cell assigned to a machine can be the call cell in which thatmachine is physically located. That is, the assigned cell can be thecell in which the cell phone (of the fixed machine) would use tooriginate a phone call. The stored location data for a particularmachine can be 25 used to determine which cell is to be assigned to thephone number for that particular machine. That is, the assigned cell canbe based on the stored (and assigned) location. For example, the cellcalling area which covers the location 372 of ATM #1 can be used as thecell 376 assigned to ATM #1. Using the stored location data enables thedatabase to be quickly updated to reflect any changes in cell areas,cell providers, etc.

It should be understood that some machines may be located in the samecell calling area. Thus, these machines could be assigned the same celldata in the database 320. For example, both ATM #1 and ATM #3 could havethe same stored cell data. Contrarily, a cell in the database may beassigned to only a single cell phone number because the phone numberbelongs 5 to an isolated distant machine. For example, the cell dataassigned to ATM #2 may be the only instance of that cell in the entiredatabase 320.

An exemplary security checking operation involving the cell phonearrangement will now be discussed. A machine computer 354 causes themachine's cell phone 366 to periodically call the security center cellphone system 318. The security center 316 uses the computer 328 (oranother computer) to perform an initial analysis of the received call.In an exemplary embodiment of first level security analysis, thesecurity center 316 can recognize which machine cell phone placed thecall, such as by using caller ID, etc. The security center 316 can usethis information to learn the cell assigned to the machine from whichthe call was made. For example, the security center 316 can use callerID to ascertain the phone number 374 belonging to a call originatingfrom the phone of the not yet identified machine. By knowing the phonenumber 374 the security center 316 can use the database 320 to identifythe machine as ATM #1. The security center 316 can further use thedatabase 320 to determine the cell 376 assigned to ATM #1. Thus, theassigned cell 376 is known. Next, the security center 316 needs tocompare the assigned cell 376 to the used cell. The security center 316can obtain the cell used by the machine phone. Triangulationcalculations or secondary sources may be used in obtaining the cell inwhich the call was made. The security center computer 328 can thencompare the obtained cell to the cell 376 assigned to that particularmachine 370. If the compared cells do not match, then it is determinedthat the cell phone of ATM #1 was moved out of its assigned cell area376. The security level for ATM #1 can be flagged as suspect. Thus, thetheft of ATM #1 can be viewed as suspect. In the first level of securityanalysis, improper movement of a particular machine can be suspected viathe machine's cell phone, without using the machine's GPS unit. AlthoughATM #1 was used in the example, it should be understood that a firstanalysis can be applied to any of the machines in the network.

Returning to the exemplary example, following a suspicion of theft ofATM #1, the security center 316 can initiate appropriate responseactions 332, 334, 336,338 to thwart the suspected theft, as previouslydiscussed. Alternatively, in response to the suspicion, the securitycenter 316 can begin another (second) level of security analysis on ATM#1. That is, a second analysis can be performed before a response action332, 334, 336, 338 is initiated by the security center 316. The secondanalysis can be performed to double check or validate the suspicion oftheft of ATM #1. The second analysis can be independent from the firstanalysis. The second analysis can use the GPS unit of ATM #1.

In an exemplary embodiment of second level security analysis, thesecurity center 316 submits a request to the suspect ATM #1 asking foran updated GPS reading. The request can be communicated in a mannerpreviously discussed, including using cell phone communication. In amanner previously discussed, a machine computer 354 attempts to obtainan updated reading with its GPS unit 310, and then transmit the updatedreading to the security center 316. The security center 316 can thencompare (as previously discussed) the updated GPS location data 326 todatabase location data 372 corresponding to the suspect ATM #1. Based onthe location comparison, the security center 316 can determine whetherthe suspected theft activity was founded. If an updated GPS reading isno longer obtainable then this information can also be a factor in thedetermination. Once a determination is made that the machine wasactually illegally moved (i.e., stolen), then responsive actions such asnotifying authorities 332, firing dye packs 334, starting an alarm 336,and/or machine tracking 338 can be initiated to thwart the theft. Inother security arrangements, the machine does not have to rely on asecurity center to perform a determination of machine movement. In anexemplary embodiment the machine's own computer can make thedetermination.

A machine computer can have a backup battery power source. Batterysources for computers are known in the art. A machine computer 354 canhave access to location data locally stored in the machine. For example,the machine data 322 can be stored in ATM #1 or in a security softwareprogram operating in ATM #1. The location data 372 for ATM #1 may havebeen previously downloaded to ATM #1 for storage therein. Thus, the ATM#1 computer 354 itself (instead of the security center) can run asecurity computer program to perform a comparison of the machine'sassigned location 372 to the location obtained from the machine's GPSreading 326. If the machine computer 354 determines that the locations372, 326 do not match, then the machine computer 354 can cause a machinealarm to trip and/or notify the security center (or other authorities)regarding the theft of the machine. Again, the security center can causeappropriate response actions 332, 334, 336, 338 to be carried out. Inanother security arrangement, motion sensors, GPS, and a cell phone (orcell phone modem) can be used in combination to analyze the status of amachine. For example, a machine GPS unit can periodically orcontinuously receive position readings. The GPS u.11it and cell phoneare in operative connection so that the cell phone can receive GPS datafrom the GPS unit (even when the cell phone is in an “off” or sleepcondition). Detected motion of the machine (via a motion sensor) causesthe cell phone to be placed in an “on” or awakened condition (i.e.,turned on). The cell phone when turned on is programmed to transmit GPSdata to a satellite. The satellite can receive the transmitted data andrecognize the data sender (i.e., the cell phone/machine). The satellitecan then send the GPS information and sender data to a web site thatallows monitoring of the machine's location. That is, the web site canbe accessible by a security center computer.

It should be understood that various alternative combinations may beused in the exemplary embodiments. For example, a cell phone can beprogrammed to receive and transmit the GPS data. A cell phone caninclude the GPS system. Also, while motion is detected, a cell phone canbe periodically turned on (e.g., every minute) to receive and/ortransmit the GPS data. When movement of the machine stops, so do thetransmissions. Furthermore, the cell phone can bypass the satellite tosend the GPS information (and cell phone/machine ID data) directly tothe web site (or a database). A computer may link the GPS unit and thecell phone. Alternatively, a GPS satellite phone may be used.

A machine's alarm can be tripped responsive to reading GPS data. Thealarm can also have a backup battery power source. An alarm controllerin the machine can activate the alarm in response to the machine'ssecurity computer program determining movement of the machine via theGPS reading (and/or via one or more movement sensors). The alarm can beaudible or silent. A silent alarm can notify a security center orauthorities. An audible alarm can have different decibel levels. Ahigher decibel level, which is uncomfortable to a thief operating thegetaway vehicle, may be used while machine movement is detected. Thealarm can be switched to a lower decibel level when machine movement isno longer detected, or vice versa. Hence, a machine can have a pluralstage audible alarm. Furthermore, known functions for drawing attentionto a stolen machine or cash may additionally be used. For example, theGPS can also be associated with tripping a cash staining device (e.g.,dye packs) located in the machine.

In a further exemplary embodiment, even if a machine 304 is stolen, thecash in its chest portion 340 (or safe) can be rendered useless to thethieves. The security system in the machine can also monitor thesequence that was used to open the chest 340. The security system, which10 can include the computer 354 and a software program operable in thecomputer, can recognize a normal (or permitted) chest opening sequence.The security system can also detect a non-normal (or non-authorized)chest opening sequence. If the chest is not opened in the propersequence, then the security system can act to have cash 344, 350 insidethe chest 340 marked in a manner indicative of stolen cash (e.g.,stained/dyed cash).

The software can be programmed to monitor chest opening sequences.Alternatively, the software can be programmed to initiate monitoring ofa chest opening sequence following a detection of suspicious (orconfirmed) machine movement.

An example of a normal sequence for accessing the cash in the chest willnow be discussed. The predetermined chest door opening sequence caninclude a plurality of sequence events. In the example, the machine isfirst put into a maintenance mode. Next an unlocking of the chest dooroccurs. This may include entering one or more correct combinations. Nextthe chest door handle is turned to cause an interior lock bolt to moveto unlock the chest door. Then the chest door is pivoted or swung to anopen position to provide access to the chest interior. It should beunderstood that the opening of the chest door may be one of the sequenceevents. The performing of certain steps in the sequence can be aprerequisite for later steps.

Sensors can detect whether a predetermined (normal) sequence portion wascarried out. The sensors can be in operative connection with thesecurity system computer to provide feedback to the computer. Again, thesecurity system, including the computer and sensors, can operate with abackup power source, such as one or more batteries.

The computer can be informed or recognize when the machine statuscondition is in maintenance mode. Sensors can be used to detect whenunlocking of the chest door occurs. The entering of mechanical orelectronic combinations can be sensed. Sensors can detect when the chestdoor handle is turned. Sensors can be positioned adjacent to the handleto detect movement of the handle. Motion sensors can be positionedadjacent to the lock bolt work components which (in the predeterminedsequence) would need to move to permit opening of the chest door. Othersensors can be used to detect when the chest door was moved from a dosedposition to an open position. An example of a lock bolt work arrangementfor an automated banking machine may be found in U.S. Pat. No.5,784,973, the entire disclosure of which is herein incorporated byreference.

The software operated by the security system computer can analyze thesensor input to determine if any events or steps in the normal chestdoor opening sequence have been bypassed. The software can compare thesensed (performed) sequence events to the stored (expected)predetermined sequence steps. For example, the machine computer canmonitor and track sequence event occurrence. Responsive to themonitoring, the computer can determine whether all expected sequenceevents have occurred. The computer can assign a condition (e.g.,positive or negative) to the chest door opening status. Therefore, whenopening of the chest door is detected, the computer can conclude whetherto fire the dye packs.

In a non-normal chest opening sequence the chest door was opened, butnot in the expected sequence. For example, the chest door (or otherchest components) may have been drilled or burnt to enable the chestdoor to be opened for accessing the cash. The exemplary machine securitysystem can detect if a chest bolt was unlocked without the chest doorlock first being unlocked (or other optional prerequisite steps, e.g.,maintenance mode, combination, code access, etc.). For example, thesecurity system can detect whether the door combination was notcorrectly (or ever) entered, yet the chest's interior bolt was moved toan unlocked position. The security system can also detect whether thechest door was opened without turning of the door handle. The securitysystem can make a determination that unauthorized access was granted tothe chest interior responsive to the door being opened (or in anunlocked position enabling opening thereof) out of sequence. Thedetection of a non normal chest door opening sequence (or order) can beinterpreted as an attack against the chest (and any cash therein).

In response to a determination of an attack against the chest, the cash344, 350 inside the chest 340 can be devalued by the security system.The chest 340 includes a chest door, such as previously discussed chestdoor 18. The chest door in an open position enables a service person toaccess devices and components in the security chest interior. Thesecurity system includes a currency staining system, and a method ofactuating the staining system. For example, the security system caninclude dye packs 342, 348. The dye packs 342, 348 cail be located inthe chest 340 adjacent to the cash 344, 350. The security system cancause the dye packs 342, 348 to be activated (e.g., fired or exploded)to release the dye therefrom.

The security software operating in the machine computer 354 can beprogrammed to cause the computer 354 to initiate firing of the dye packs342, 348 in response to a determination that the door of the chest 340was opened (or moved) without following (or completion of) a requiredsequence (or pattern) for opening the chest door. That is, dye packs canbe triggered to fire upon unauthorized movement of the chest door. Thecomputer programming software in the security system can be read by thecomputer 354 to determine unauthorized chest access and initiate anelectronic firing of the dye packs.

The machine security system computer may determine that the door openingsequence is improper prior to the chest door being opened. Thus, thecomputer may be programmed to automatically fire the dye packs when thechest door is still closed but is detected as being placed in anunlocked condition. In other programming embodiments firing of the dyepacks may not occur until the chest door is actually opened. Forexample, the computer may not determine an improper sequence until thechest door was actually opened.

In alternative embodiments the computer can issue a warning of adetected improper chest opening sequence. Such a warning can be audibleor visible (e.g., a display message, etc.). The warning may be presentedin a manner that is undetectable (silent) to the public, but detectableto an authorized service person. The warning may be presented as aflashing light at the rear of the machine. The warning may be presentedvia a cell phone call to a specific number at a security center. Thewarning may be beneficial to an authorized service person whoinadvertently generated an out-of-sequence step. A code can be inputtedto the machine to override or reset the out-of-sequence programming, ordisable firing of the dye packs. Entry of the code may be time based.For example, if the code is not entered within a predetermined timeperiod, then override is no longer a valid option.

Dye released from a dye pack 342, 348 is operative to deface cash (i.e.,currency or money or notes or bills) in a known manner. The size andamount of dye packs and their placement relative to cash in a chest canbe strategically predetermined to ensure optimum devaluing of all thecash in the chest upon activation of the dye packs.

New machines can be provided with the sequence monitoring securitysystem. Existing machines can be retrofit with the security system.Because the sequence monitoring security system can be provided in somemachines without needing any additional sensors or alarm grids, it canbe easy to provide a low-cost retrofit. The sequence monitoring securitysystem may be provided as a backup to normal anti-theft detectionarrangements for machines.

As previously discussed, a machine computer can cause dye packs to befired, such as in response to a security software program detecting animproper chest opening sequence. That is, a computer can controloperation of the dye packs. As previously discussed, a computer can alsocommunicate with the security center computer. Thus, the security centercan directly communicate instructions to the machine computer, includinginstructions for the computer to fire the dye packs. That is, regardlessof the monitored security status of a chest opening sequence, a machinecomputer can be instructed by a security center to activate the dyepacks at any time. Thus, dye pack activation can be independent of chestopening sequence monitoring.

As previously discussed, dye pack activation can be a response action334 to machine theft. A security center 316 can use machine GPSinformation 326 to confirm that a machine was stolen. Responsive to theconfirmation of theft, the security center 316 can instruct the machinecomputer 354 to actuate its dye packs 344, 348. Upon the computer 354receiving the instruction to fire the dye packs 344, 348, the machinecomputer can cause the dye packs to be exploded to stain the cash 344,350 located within the interior of its chest 340. Thus, the staining ofmoney inside of a machine can be the result of a positional readingtaken with a GPS unit of that machine.

In another exemplary arrangement, the security center itself candirectly signal machine dye packs to fire. That is, the security centercan fire the dye packs without using the machine computer. The securitycenter may cause the dye packs to be activated following a theftconfirmation. The signal from the security center to a dye pack may beencrypted. A dye pack can have a trigger device (or a detonator) set tofire upon receiving a predetermined frequency or wave. A radio frequencymay be used. The frequency can be unique to a particular dye pack or aseries of dye packs in a particular machine. The security center cangenerate and transmit the frequency. Alternatively, if the securitycenter is too far from the machine, then the security center can causethe machine (or another nearby source) to initiate or generate thetriggering frequency.

It should be understood that the scope of the described concepts fordetermining whether an automated banking machine was moved is notlimited to the embodiments disclosed herein. For example, imagerecognition, land-based radar, and sound waves can also be used indetermining whether a machine was stolen. A camera unit can be fixedlymounted to periodically capture an image of a machine. The camera unitcan transmit the image to a security center. The security center canhave an original image of the machine stored in a database. The securitycenter can use image recognition software to compare the image receivedfrom the camera unit to the image in storage. Likewise, data relating toland based radar and/or sound waves can be used in determinationcomparisons. If compared data does not match, then an appropriateresponse action can be initiated by the machine, as previouslydiscussed. Alternatively, one or more additional analyses may beperformed to confirm that the machine was actually stolen. Theconfirmation analyses may include security comparisons alreadydiscussed, including comparisons involving data related to movementsensors, phone cells, and/or machine GPS.

A machine may need servicing (e.g., transaction function devicemalfunction, cash replenishment, low paper supply, predeterminedmaintenance, etc.) A machine with GPS provides a service center (whichmay comprise the security center) the ability to identify the closestservice personnel to the machine. A dispatching program can operate in aservice center computer (or a machine host computer). The service centercan receive both GPS information and a service request from a machine.The GPS information and service request may be received in the sametransmission packet. The service center can also receive (e.g., via GPS,address input, phone, voice, etc.) the current (or latest) locations ofservice personnel in the field. The dispatching program can determinewhich available service person can reach the machine needing service thequickest. The program can match service personnel to service-needingmachines for optimum efficiency.

The dispatching program can also use received machine GPS information togenerate optimal directions for the chosen service person to use toreach the machine. The directions can include the most efficient route.The directions can be transmitted to the service person in a knownmanner. The dispatching program can also operate in real time withregard to current traffic conditions that may influence the routedecisions, and hence the servicer-to-machine matching. Thus, the chosenservicer may not necessarily be the closest servicer in distance. In anexemplary embodiment, the servicer is chosen based on smallest estimatedtravel time. The use of automated banking machine GPS allows a servicerto reach a machine in the quickest manner. The ability to quicklyassociate the position of a machine needing servicing with the currentpositions of available service personnel results in a more efficientservice dispatch. Machine operating efficiency can be improved.

In other exemplary embodiments, a machine can signal what type ofservicing is needed. Thus, a servicer may be chosen based on smallestestimated travel time in conjunction with the needed skill level of theservice person.

It should be understood that the use of GPS for servicing applies toboth fixed and portable (or movable) machines. For example, a portablemachine may be built into a vehicle that is able to drive to differentsporting events, entertainment venues, etc. The portable machine can beused (e.g., cash withdrawal transactions, etc.) by users at the events.Again, the ability to use GPS to quickly analyze or compare the currentposition of a portable machine with the current positions of availableservice personnel results in a more efficient service dispatch.

The previously discussed use of GPS enables a machine to be installed atany location just by plugging it in. Thus, in alternative embodimentsthere is no need to keep a database on where machines are located,because GPS tracking keeps the security/service center aware of theirlocation, especially for purposes of servicing. A dynamic database ofmachine locations can be established and automatically updated.

The ability to locate a machine's geographical position can also be usedto enhance the usage security of other automated transaction machines(e.g., ATMs). An exemplary embodiment combines the signals of a GPSsystem with a cellular device (e.g., cell phone) to provide informationrelated to the geographical location of the cellular device user. Thatis, the exemplary embodiment includes the ability to track cellulardevices using a combination of cellular or GPS/cellular technology. Acellular device can be equipped with a GPS receiver and/or transmitter.

For purposes of this disclosure a cell phone shall be deemed to includea cell phone, PDA, pager or other device that has audio and/or textcommunication capabilities. It should be understood that although a cellphone is used as the cellular device (or cellular object) in someexemplary embodiments herein, other cellular devices can likewise beused. That is, a cellular device need not be limited to a phone. Forexample, an object such as a card, key, time piece, wallet, vehicle,human body, etc. may have cellular technology (and/or GPS technology)embedded therein or thereon which allows the location of the object tobe ascertained. Cell triangulation is one method to remotely determinethe current location of a cellular object. Likewise, GPS communicationis one method to remotely determine the current location of an objecthaving GPS technology (e.g., GPS transmitter and/or receiver).

An exemplary cellular embodiment includes the ability to obtain thegeographical location of an automated banking machine (e.g., ATM). Aspreviously discussed, a machine location can be obtained via an embeddedGPS device in the machine or a database of machine installationlocations. Thus, a machine user's cell phone location can be comparedwith the machine location to determine if he user is an authorized user.

The arrangement can be operated independently or as part of a fraudprevention (or security) service to which a machine cardholder can join.A member in the fraud prevention program grants permission for his cellphone's location to be known to the provider of the security servicewhenever his account (or one of his accounts) is accessed at a machine.The member provides to the service provider the information (e.g., cellphone number, cell phone provider, contacts options, etc.) necessary toset up the service. The service provider program can be provided by apartnership between a financial institution (e.g., bank), a transactionprocessor host, and one or more cell service providers. Alternatively,the program can be controlled by a sole proprietor.

Different types of member-selectable contact options are available. Forexample, the program can be set up to alert a member about a transactionthat is being requested on his/her account from a machine which is notwithin reasonable proximity to his/her cell phone. The service providernotifies the member via the member's cell phone that a transaction isbeing requested at a particular machine. Another selectable option caninclude having the service 10 provider prevent a transaction requestfrom being carried out when the machine location and the member's cellphone location do not substantially correspond.

An exemplary method of operation of a fraud prevention service will nowbe explained with reference to FIG. 22. As shown, the exemplary systemarrangement 400 includes machines 402, 404, 406, a machine host 410 incommunication with the machines, a cell phone locator system 412 incommunication with the host, and a member's cell phone 424.

A machine 402 receives user identification data from a customer. Theidentification data may be received during a transaction request. Theidentification can be in the form of a name, account number, PIN, code,password, data sequence, biometric data, or some other informationlinking a person to an account. The identification can be input orprovided by the customer to the machine 402, such as from a card or abiometric type of input (iris scan, fingerprint, etc.). For purposes ofthis disclosure card data includes data read from a card or other objectthrough operation of the machine that can be used to determine acorresponding financial account. Alternatively, the Identification maybe determined from some other customer input or a customer item read bythe machine 402.

The machine 402 sends the user identification data to a computer of thehost 410. The host computer can be part of a host system for a machinenetwork. Each of the machines is in communication with the host. In someembodiments the host 410 can communicate with other computers outside ofthe machine network in carrying out a transaction.

The host 410 can operate to determine the machine location from a GPSdevice in the machine 402. Alternatively the host 410 can determine themachine location from one or more databases 414 that includes thelocations of the machines in the network. The host has access to thedatabase 414. The machine can provide its machine ID to the host duringcommunication with the host. For example, the machine ID can be sent tothe host when the user identification data is sent to the host 410. Thehost can compare a machine ID to machine IDs in the database toascertain the location of a machine. In other arrangements, dataobtained by the host via a GPS device in a machine may first need to becompared with a database to ascertain the location of the machine.

The host 410 can also determine the cell phone 424 assigned to thereceived user identification data. The database 414 links authorizedmachine users to their cell phones (and their accounts). For example,the host can compare received (or determined) account data to accountdata in the database 414 to ascertain the cell phone assigned to thataccount. The host 410 is in operative communication with a cell phonelocator system 412. In some embodiments the cell phone locator systemmay comprise a separate computer or computers and other hardware that isoperative to determine cell phone location, while in other embodimentsthe cell phone locator system may comprise software instructionsoperative in one or more computers that operate in conjunction withother functions and determine cell phone location through communicationwith other devices or systems. The host can request the cell phonelocator system 412 to provide the location of the cell phone 424corresponding to the user. The host can provide the cell phone locatorwith a cell phone number, a cell phone account number, or otherinformation corresponding to the ascertained cell phone.

The cell phone locator system 412 receives the host request anddetermines the current location of the cell phone 424. The cell phonelocator can use cell triangulation to determine the current location ofthe cell phone. Alternatively, the cell phone locator can use a GPSdevice in the cell phone to determine the location of the cell phone.For example, the cell phone may receive a request from the cell phonelocator to report its location. In response to the request, the cellphone can find its location (or GPS coordinates) using its GPS receiver.The cell phone then communicates the location data to the cell phonelocator using cellular technology. Alternatively, the cell phone maytransmit its location to the cell phone locator system using (viasatellite) GPS technology. Thus, the cell phone locator system 412 knowsthe location (or GPS coordinates) of the cell phone.

The host 410 receives the location of the cell phone from cell phonelocator system 412. Alternatively, the host can receive (via GPS, RFID,bar code reader, etc.) the location of the cell phone directly from thecell phone. The host can then compare the cell phone's location to themachine's location. If the locations correspond, then the received useridentification data is authenticated. The current machine customer(adjacent to the machine) is determined as an authorized user of theaccount. The transaction request is approved.

If the locations do not correspond, then the host may operate inaccordance with its programming so that the current machine customer isdenied the ability to perform transactions with that account(corresponding to the received identification data). That is, atransaction request (and/or use of the machine) would be denied. Thesecurity arrangement prevents an unauthorized machine user (i.e., athief) from using a machine card that was stolen from a service member,to perform a transaction at the machine involving the member's financialaccount. Thus, even if a member's card and PIN are stolen by a thief,the fraud prevention service can still prevent unauthorized machineaccess to funds in the member's bank account. Because of the additionalcell phone security feature, the thiefs use of the machine would belimited (e.g., card entry, PIN entry, etc.), and would not include theftof the member's money.

It should be understood that cell phone and machine locations are deemedto correspond through operation of the system based on predeterminedvariables. Particular variables can be assigned to particular users ofthe fraud prevention service. For example, one correspondence mayrequire that the compared locations be within a predetermined degree ordistance from each other. In another acceptable correspondencearrangement, the machine location may have to be physically locatedwithin the same cell as the cell phone. Correspondence may also be timesensitive. For example, a member of the fraud prevention service canhave their account set up such that machine usage is only permittedduring specific times of specific days. Thus, time can be another factor(or variable) that may have to be met (along with correspondence betweencell phone location and machine location) before a transaction isauthorized. In still other arrangements, time can be chosen by a memberas the only variable. For example, a member who only needs limitedaccess to a machine may select their machine access time period aslimited to 9-10 a.m. on Saturday mornings. Any (fraudulent) attempt toaccess this person's account at a machine outside of this designatedtime period would be denied. The fraud prevention system is flexible andenables users to select and/or change their assigned variables to meettheir particular needs and safety concerns. This may be done for exampleby the user establishing the parameters through correspondence withtheir financial institution when they establish the service.Alternatively or in addition the user may establish and/or change theirdesired usage parameters through communication with the bank inconnection with an online banking system. Thus, for example, users whohave the online banking service and the associated secure communicationsassociated therewith may be given the option to modifY their machineusage parameters through an online interface which thereafter operatesto cause the parameters for authorized transactions to be changed. Inanother example, users who subscribe to mobile banking features may setor change usage times and perhaps other usage parameters via theirmobile device such as a cell phone. Alternatively or in additionmachines may include programming which enables a user once they haveestablished their authority to operate the machine to thereafter changeor modifY certain user parameters through inputs through the machineinterface. In addition to time, other user changeable usage parametersmay include placing dollar limits on transactions, allowing sometransaction types while blocking others, and/or setting cumulativehourly, daily, weekly or monthly transaction limits. Of course theseapproaches are exemplary and in other embodiments other approaches maybe used.

An exemplary system for fraud prevention will now be explained. A personuses a machine to request a financial transaction, such as a cashwithdrawal transaction request for $100 from a checking account. Therequest (along with other information) is transmitted from the machineto the transaction processor host (which may be the host computer forthe machine network). As previously discussed, the host knows or candetermine the location of the machine from which the transaction requestis being made. The host also knows that the transaction request is froma particular individual due to the identification (e.g., an accountnumber on a card) provided to the machine during the request.

The host analyzes database records corresponding to that particularindividual. The host can determine through execution of its programmedinstructions whether the individual is a member of the fraud preventionprogram. If so, then the host also determines the member's cell phoneprovider. This is done by accessing stored data in at least one datastore. The host requests the current location of the member's cell phonefrom the cell phone provider (or a phone location server associatedtherewith). The cell phone provider computer or computers determines thecurrent location of the member's cell phone and then transmits messagesincluding data corresponding to that location back to the host. The hostcompares the received cell phone location to the machine location. Ifthe two locations are within a predetermined range or proximity of oneanother, then the transaction requested is determined safe and can beauthorized according to normal transaction authorization rules in place.However, if the two locations do not correspond or are not within thepredetermined acceptable proximity, then appropriate fraud notificationrules and procedures can be implemented.

Alternatively or in addition, the location of the user's cell phone inproximity to the 15 machine can be determined through the use oflocalized communication and positive identification of the user's cellphone. This can be accomplished using near field communication (NFC),Bluetooth, RFID, RF, IR or other local communication of data that canidentify the user's cell phone.

Thus, grant/denial of a machine transaction request involving a member'saccount can be based on that member's (current or real time) location.If it is concluded that the member is adjacent the machine, then thetransaction request is granted. Otherwise, the transaction request isdenied. The member's determined location (via the member's cell phonelocation) can be used as another (or secondary) source of useridentification.

A variety of additional fraud notification rules can be defined(selected) by the member, such as at the time of service protectionenrollment. In a first example, if a member (e.g., a female) has soleaccess to her account and she normally has the cell phone with her, thenshe may have selected an option in which the service provider (e.g.,bank or host operating on behalf) denies any transaction request wherethere is a mismatch between the machine location and her cell phonelocation. With this selected option the member's cell phone may receivefrom the service provider a text message like “A transaction was justattempted against your account, but was denied due to locationdiscrepancies between the machine in question and your cell phone.Please contact us at . . . for more information.”

In the first example, a machine may be instructed by a host to capturethe inserted card responsive to a determined mismatch of locations.Further, the host itself may be programmed to notify the police of apotential theft in progress at the particular machine. This may be donefor example through an automated voice response interface that operatesto cause a synthesized Alternatively or in addition text messages,e-mail, radio, or other types of transmission messages to communicatewith appropriate authorities may be used.

In a second example, a member (e.g., a male) may share access to anaccount (such as with a spouse) and it can sometimes happen that thelocation of the designated cell phone and a machine location may notcoincide. Therefore, the member may select a notification option whichcauses the at least one computer of the service provider to operate tonotify the cell phone holder via a text message on the cell phone that“A transaction was just requested against your account at the machinelocated at Wisconsin and M streets.” Many methods of informing theholder that they have a text message can be used. For example, anaudible (ring) or vibratory notification can be used. Additionally,messages other than in text format (e.g., a voice message, e-mailmessage, page or other messaging) can be used.

If the location and/or timing of the requested machine transaction forwhich notice is given is suspicious to the member then he call furtherinvestigate. For example, he may call his spouse for verification. Ifnecessary, he can notify the machine's bank and/or the police.Alternatively, the host (or the security service) may be programmed tonotify proper authorities of a potential fraud in progress at theparticular machine. Thus, the scenario is cardholder/fraudprevention-centric.

In an exemplary embodiment of the security system, a selectable optionpermits the cell phone holder to grant permission for the requestedmachine transaction (e.g., by the spouse) to be remotely authorized.Permission can be granted by the security system to allow the machinetransaction to proceed upon receiving one or more messages correspondingto consent from the designated cell phone. Consent can be automaticallygranted upon the system receiving a call from the designated cell phoneto a certain phone number (or code) within a certain amount of time. Forexample, a person may initiate a consent call text message or othercommunication after verifying that their spouse is trying to use themachine. The consent call phone number (or consent code or password) mayalso be selectable by a member in some embodiments of the fraudprevention system. The machine may be instructed by its host to capturean inserted card responsive to the system determining a mismatch oflocations in combination with no received consent call or otherappropriate response to authorize the machine usage.

It should be understood that in some embodiments there may be many otherdetection, notification, and consent options available. For example, amachine with a camera can capture an image of the current machine userat the time of the detected discrepancy in locations between the machineand the cell phone. The captured user image (with or without a textmessage) can be sent to the designated cell phone. The person having thecell phone in their possession can be notified (via the phone) of thediscrepancy and that they have access to an image of the machine user inquestion. The cell phone holder can then view the user image on adisplay screen of the cell phone. The image can help the cell phoneholder (e.g., owner) quickly determine whether to grant consent to thecurrent machine user. This may be done, for example, in the mannerdescribed in U.S. Pat. No. 7,533,805 the disclosure of which is hereinincorporated by reference in its entirety. Thus, consent can be imagebased. Communication and data transfer between the security system and adesignated cell phone can occur in real time or near real time.

Also, in some embodiments more than one cell phone can be assigned to anaccount. This may be done, for example, by associating multiple cellphone numbers, text message numbers, e-mail addresses or otherpredetermined notification network addresses with an account in at leastone database that is accessible by one or more computers that areoperative to cause notifications to be given. Thus, the host can obtainthe current location of plural cell phones. For example, GPS ortriangulation of cell areas may be used to determine the cell phones'location. If the host (or another computer of the service provider)determines that one of the cell phones is currently located adjacent tothe machine then the transaction request is permitted. This optionenables family members such as both spouses (who have respective cellphones) to separately carry out a machine transaction without requiringservice provider notification.

Other methods of communicating between the service provider and themember may be used in some embodiments. For example, a personal (humanvoice) phone call may be made on behalf of the service providernotifying the service member of the situation involving their account.This may be done through operation of an automated voice response (A VR)system in operative connection with one or more computers so as to dialand/or send a simulated voice message to one or more phones. This may bedone in tt1.e manner of the incorporated disclosure or through othertypes of devices. Alternatively or in addition one or more computers ofthe service provider may operate to give notice to a live service personto make a call to the cell phone of the customer involved. The serviceprovider can call the cell phone number assigned to the member causingthe cell phone to ring. After the member answers their cell phone, theservice provider can inform the member of the discrepancy situation.Instead of a live person, a recorded message can be used for theinforming. Other communication formats can be used. This may include,for example, IM (instant messaging), text messaging and the like may bethe communications formats used to contact the member's cell phone.

Alternatively, a member's device other than their cell phone may becontacted by the service provider. For example, a notifying e-mail maybe sent (by the service provider such as through automated computerdispatch) to the member's work and/or home PC. A voice message may beleft on the member's home answering machine. Alternatively or inaddition the user may be contacted via pager message, message to aservice to which the user subscribes, for example Twitter^(SM) or othermethodology that is operative to provide a user that reasonably promptnotification.

As discussed, in some embodiments different security levels of frauddetection and member notification can be selected by the member. Forexample, a different level of detection may use cell triangulation inplacing the location of a cell phone instead of having GPS embedded inthe cell phone. The cell in which the cell phone is deemed present canbe compared to the cell in which the machine resides. If the cellscorrespond, then the transaction requester is authenticated as anauthorized user of the account. It should be understood that evenfurther detection and notification procedures may be available in someembodiments to members of the security system.

As previously discussed, an exemplary embodiment of the security systemenables authorization (or authentication) of machine transactions basedon the (cellular) location of the security system member. Theauthorization can be further based on GPS location of the machine. Theauthorization can additionally or alternatively be based on localcommunication from the user's cell phone. The exemplary security systemprovides additional transaction security to help prevent unauthorizedmachine access to a financial account if it is determined that thelocation of the machine from which the account transaction is beingrequested substantially differs from the location of the authorized userof the account. The location of the machine can be determined via GPStechnology. The location of the authorized user can be determined viathe location of the user's cell phone. Also, some other (communicator,detectable, or traceable) device (e.g., a computer chip) normally with(or on or embedded in) the user can alternatively be used. The locationof the cell phone can be determined via cellular or GPS/cellulartechnology.

It should be understood that the description of the security system withregard to automated banking machines is exemplary, but is not to belimited thereto. Such a machine is one of many automated transactionmachines in which the security system can be implemented. Others includepoint-of-sale (POS) locations/systems and self-service machines.Likewise, the security system can be used with facilities, such as gasstations. A positive comparison of the gas station (or fuel pump) GPSlocation with the purchaser's cell phone location grants access to thefuel. Alternatively, a cellular device may be located in or on avehicle. When a person requests fuel for the vehicle, a comparison ismade of the vehicle location (e.g., cellular location) and gas stationlocation (e.g., GPS location).

Additionally, the security system can be used in conjunction with othertransaction facilities, including stores, restaurants, etc. The securitysystem can be used where location based verification or identificationof a person is needed. The security system helps to reduce or preventunauthorized use of a financial account by determining whether thelocation at which the account is trying to be used substantially differsfrom the current location of the authorized user of the account. Again,the security system can be used in conjunction with POS transactionsinvolving a check, a credit card, a debit card, a smart card, or someother type of transaction item. The security arrangement provides anadditional layer of fraud protection with regard to financialtransactions. Because of the reduced risk of fraudulent transactions,merchants and/or credit card companies may give discounts to payingcustomers who take part in the security system.

The exemplary security arrangement permits a method to be carried outincluding the steps of (a) receiving input with a machine, where theinput corresponds to an accou.11t; (b) determining a current distance ofan authorized user of the account relative to the machine; and (c)determining whether the received input corresponds to the authorizeduser responsive to the determination in (b). Step (c) can includedetermining whether a current machine customer is authorized access tothe account responsive to a computer comparison of the current locationof the authorized user relative to the machine. The determination in (c)can include comparing machine location to current authorized userlocation. The current authorized user location can correspond tolocation of a personal item of the authorized user, where (b) includesdetermining location of a personal item of the authorized user. Thecurrent authorized user location can correspond to location of a cellphone of the authorized user, where (b) includes determining location ofa cell phone of the authorized user. The cell phone can include a GlobalPositioning System (GPS) receiver, where (b) includes determininglocation of the cell phone via GPS. The input can correspond to anaccount of the authorized user, where (c) includes determining whetherthe current machine customer is the authorized user. Step (a) caninclude receiving account data on/from a card. Step (a) can includereceiving biometric input corresponding to an authorized user of theaccount.

The exemplary security arrangement permits another method to be carriedout including the steps of (a) receiving a transaction request at anautomated transaction machine, where the transaction request isassociated with an account; (b) determining location of the automatedtransaction machine; (c) determining at least one location of at leastone authorized user of the account; (d) comparing the locationdetermined in (b) to the at least one location determined in (c); and(e) responsive to a positive comparison in (d), granting the transactionrequest received in (a).

The exemplary security arrangement permits a further method to becarried out including the steps of (a) receiving customer identificationinput with an automated transaction machine; (b) determining a firstcustomer location as location of the machine, responsive to the input;(c) independent of (b), determining a second customer location ascurrent location of an item on the customer, responsive to the input;(d) comparing the first and second customer locations; and (e)responsive to a positive comparison in (d) authorizing a first customertransaction with the machine. Step (a) can include receiving customeridentification input with a machine including a currency dispenser, andwhere (c) includes determining location of a cell phone.

The exemplary security arrangement permits another method to be carriedout including the steps of (a) determining location of a portablecommunication device affiliated with an authorized customer responsiveto input to an automated transaction machine; and (b) determiningwhether the input corresponds to the authorized customer responsive torelative location between the device and the machine. The portablecommunication device can comprise a cell phone. A customer of themachine can be authorized a transaction responsive to location of thecell phone corresponding to location of the machine. The machine cancomprise an ATM.

The exemplary security arrangement permits another method to be carriedout including the steps of (a) determining location of a cell phoneaffiliated with an authorized customer; and (b) authorizing to thecustomer a transaction with an automated transaction machine responsiveto location of the cell phone corresponding to location of the machine.

The exemplary security arrangement permits another method to be carriedout including the steps of (a) receiving input with an automatedtransaction machine, where the input is associated with a customeraffiliated with an object locatable independent of operation of themachine; and (b) authorizing a customer transaction with the machineresponsive to correspondence between location of the object and locationof the machine. The object can comprise a cellular item, a GPS item, oran RFID item, for example.

The exemplary security arrangement permits another method to beperformed including the steps of (a) receiving input with an automatedtransaction machine, wherein the input is associated with a customeraffiliated with a remotely locatable device; (b) operating at least onecomputer to determine location of the device; (c) operating the at leastone computer to determine whether the location of the device determinedin step (b) corresponds to location of the machine; and (d) responsiveto correspondence in step (c), authorizing to the customer a transactionwith the machine.

The exemplary security arrangement permits another method to beperformed including the steps of (a) receiving input with an automatedtransaction machine, wherein the input is affiliated with a cell phone;(b) operating at least one computer to determine whether location of thecell phone corresponds to location of the machine; and (c) responsive tocorrespondence in step (b), authorizing a transaction with the machine.The exemplary security arrangement permits another method to beperformed including the steps of (a) receiving input with an automatedtransaction machine from a person associated with a cell phone; and (b)determining whether the person is an authorized user of the machineusing location of the cell phone relative to location of the machine.

The exemplary security arrangement can include an apparatus comprising:a system, where the system includes a plurality of cell phones, at leastone computer, a plurality of cash dispensing machines each having a GPSdevice, a machine host in operative communication with and remote fromthe machines, and a cell phone locator system in operative communicationwith and remote from the host; where the machine is operative to receiveuser identification data from a customer, the host can determine a cellphone ID assigned to the received user identification data, the host canalso determine location data corresponding to a machine from either adatabase or from a GPS device in the machine, the cell phone locator candetermine the current location of a cell phone corresponding to the cellphone ID responsive to a request from the host, the cell phone locatorcan then send the cell phone's location data to the host, the host canthen compare the cell phone's location data to the machine's locationdata, responsive to the comparison the host can either authorize thecustomer to perform a transaction at the machine if the locationscorrespond or deny the customer from performing a transaction at themachine if the locations do not correspond.

The exemplary security arrangement can include another apparatuscomprising: at least one automated transaction machine, where eachmachine is operative to receive account information from a customerduring a transaction request, and a host, where the host includes atleast one computer, where the host is in operative communication withthe at least one machine, where the host is operative to determinegeographical location of a transaction request at a machine responsiveto account information received at the machine, where the host isoperative to determine geographical location of at least one authorizeduser corresponding to account information received at a machineindependent from a determination of geographical location of atransaction request at the machine, where the host is operative tocompare transaction request geographical location to authorized usergeographical location, and where the host is operative to determinewhether a machine customer corresponds to the at least one authorizeduser. The apparatus can further comprise a cell phone, where the host isoperative to determine geographical location of at least one authorizeduser via the cell phone. The cell phone can include a Global PositioningSystem (GPS) receiver. The apparatus can further comprise a cell phonelocator system, where the cell phone locator system is operative todetermine the current location of the cell phone. The host can be inoperative communication with the cell phone locator system, where thehost is in operative to request the cell phone location from the cellphone locator system. The cell phone locator system is operative toprovide the current location of the cell phone to the host. At least oneautomated transaction machine comprises at least one automated tellermachine (“ATM”), where each machine includes a currency dispenser, andwhere each currency dispenser is operative to dispense currency from arespective machine. Each machine is operative to receive accountinformation from a customer during a transaction request. At least onemachine includes a GPS receiver. The host is operative to determinegeographical location of at least one machine via GPS data. The host isoperative to compare cell phone location to machine location todetermine whether a current machine customer corresponds to anauthorized machine user.

In alternative arrangements, a RFID object can be used instead of or incombination with cellular and GPS objects. An RFID object can be used toverify that the current machine user is an authorized user. The RFIDobject can be separate from a user card. The RFID object can be used asanother security level for verifying user authorization. The machine hasa RFID reader. The user data read from the RFID object (tag) is comparedto another form of user identification (user card, user fingerprint,iris scan, palm vein scan, other biometrics, etc.). The comparing cantake place at the machine, machine host, or security center. Thecomparison can be used to determine if the RFID object ID and user IDcorrespond. A positive correspondence permits the user to use themachine for transactions. If the machine is unable to obtain thenecessary data from the RFID object (which is an indication that theRFID object is not adjacent the machine) then usage of the machine isdenied.

The ability to locate a machine's geographical position can also be usedto provide location-oriented services to the public. A service provider(“SP”) can provide the services. The service provider can comprise or beassociated with a previously discussed security center or service centerincluding one or more computers. A computer in the machine (or the GPSsystem) can convey coordinate location data to the service provider. Theservice provider computer or computers can operate to store this machinelocation data in a database along with other location data correspondingto other machines. Thus, the database can include the locations ofplural machines, including machines belonging to different bankingnetworks. The database may also contain location information for manyother locations that may be of public or private interest. The databasemay contain data corresponding to waypoint location information, e.g.,stores, food establishments, bank branches, or even dynamicmachine-service vehicle locations.

Machines with GPS capability provide the capability to referencecoordinates for machine-based map generation. The database can alsostore map data. A service provider can use a geographical starting pointreference from which to generate a variety of “how to get there fromhere” directions, which may be in the form of a map.

A machine direction-providing service can receive a request fordirections from one or more entities (e.g., a person, computer, machine,etc.). For example, a person at a first location (e.g., a merchantstore, fuel station, restaurant, etc.) may wish to have directions tothe nearest machine. The direction requester may be a person desiring touse a machine to perform a financial transaction (e.g., cash withdrawal,reload a smart card, etc.). Of course the individual may also be amachine service person needing to locate a malfunctioning machine.

The system allows a person to provide their current (or best known)location to the service provider. The current location may be providedto the service provider in numerous known ways. From this “currentlocation” information, the location service can instruct or providedirections to the person on how to get to the nearest (or desired)machine. The service provider can also provide directions to the nearestmachine belonging to a requested particular bank or financialinstitution (e.g., a bank belonging to the requester's home bankingnetwork).

The service provider providing the directions can be a company, person,computer, and/or machine. The service provider can communicate with adirection requestor via diverse communication devices and processes. Thedirection-providing service can be made available to a directionrequester via a variety of communication devices, such as PDA, cellphone, Internet, address input, input device equipped with a GPSreceiver, on-line devices, and off-line devices. Other knowntransmission processes suitable for communication may be used, includinganalog, digital, wireless, radio wave, microwave, satellite, andInternet communication. For example, the service provider may operateone or more computers to communicate with a person using voicerecognition software and speech software. In another example, a personcan wirelessly transmit their request along with their current GPSlocation to the direction-providing service over the Internet via ahand-held computer or cell phone. In response, the service can download(e.g., as e-mail, PDF file, voice mail, instant message, etc.) therequested directions (e.g., a detailed map) to the hand-held computer.In a further example, a cell phone can include a GPS system. The personcan wirelessly transmit their request along with their current GPSlocation to the service via the cell phone. For example, when the cellphone calls a particular phone number of the service provider for adirections request, the cell phone also transmits its current GPSlocation. Alternatively, the service provider computer can operate torecognize the cell phone number via caller ID, match the cell phone'snumber to the cell phone's GPS system, obtain the cell phone's currentlocation from the cell phone's GPS system, and then transmit directionsto the nearest machine based on the cell phone's location.

FIG. 20 shows one or more computers of a service provider 380 inoperative connection with a database 390. The service provider 380includes at least one computer 382. The service provider 380 cansimultaneously communicate with and provide Information to pluralrequesters 384, 386, 388.

The database 390 can store machine location data 392, map data 394, andadditional data 396. Such additional data 396 may be key words orphrases, such as landmark names, points of interest, streetintersections, city sections such as Chinatown and Little Italy, etc.For example, a requester may not know their exact address location butcan inform the service provider (via their phone) that they are near theintersection of 19th and M streets. The computer 382 can operate torecognize (such as via voice recognition software) the receivedintersection as location information. From the intersection informationthe computer 382 can provide the requested directions. It should beunderstood that directions can also contain landmarks, points ofinterest, street intersections, etc. For example, by knowing whichintersection the requester is near and the (real time) visual lay out ofthe city, the service provider 380 can instruct the requester that thenearest machine is next to a landmark that is easily visible from theintersection. Such a landmark may be a well lit (neon) sign, a belltower, a pedestrian bridge, etc. Thus, additional stored data 396 can beused by the service provider computer 382 to more accurately understandrequests and provide locations/directions to requesters.

An exemplary flowchart of requesting/receiving service is shown in FIG.21. The actions performed by the requester and by the service providerare also shown. In the exemplary method a requester (e.g., a person)contacts one or more computers of the service provider (SP).

The SP operates to acknowledge the contact and provides at least onemessage that asks for the person's PIN or service access code. Theperson provides their PIN. The SP compares the PIN with a list of validPINs and determines the PIN acceptable. The level of service associatedwith the PIN is obtained. The SP provides at least one message thatprovides at least one message that asks for the person's currentlocation. The person notifies the SP of their current location (e.g., anaddress, notable landmark, etc.).

The SP analyzes (e.g., voice recognition, speech to data interpretation,etc.) the provided location for best fit location comprehension. Thatis, the SP computer operates in accordance with its programming andstored data to recognize the provided location. The comprehendedlocation may be compared to locations in the database to determine if itis a usable (valid) location. If the provided location is not usable,then the SP may ask the person to again provide the location, or moreinformation may be requested to ensure location accuracy. For example,the SP may provide synthesized speech which includes the comprehendedlocation to the person and ask the person to validate whether thelocation is correct. Once a provided location is deemed valid, then theSP can ask for the person's request. In response, the person may requestdirections to the nearest available machine.

The SP uses the database information to determine the shortest availableroute from the person's current location to the nearest machine. The SPgenerates directions in a format capable of being received by theperson. The format can match the format in which the request wasreceived. For example, if the request was made via the person's cellphone, then the directions can be provided in a form capable of beingreceived by the person's cell phone. The SP provides the directions tothe person. The person receives the directions. It should be understoodthat in other arrangements greater or fewer steps may be carried out,and the order of the steps can vary.

The person's request for directions may be selected from a list ofoptions. For example, options may include press number 1 for informationregarding the nearest machine, press number 2 for information regardingthe nearest fee-free machine, etc. Once the first option is input thenanother set of options may be provided to the person. The second set ofoptions may relate to the context in which the information content is tobe provided. For example, assuming that the nearest machine was selectedin the first option set, the second options may include press number 1for the machine address, press number 2 for a map to the machine, pressnumber 3 for an operator to guide you to the machine, etc. Further setsof options may follow to ensure the desired service. The serviceprovider can know the level of service available to the requester basedon the provided PIN. Likewise, other information (e.g., requester's homebanking network) can correspond to the provided PIN.

The person's communication device may partake in obtaining the person'scurrent location and in notifying the service of the current location.For example, the person's communication device may include GPS. GPS,triangulation of cell areas, or other approaches may be used todetermine the requester's (cell phone) location. Also, a person'srequest for directions may be a default request based on the manner ofcommunication. For example, a service provider may treat any personcalling their phone number as a direction requester by default. Thus, aperson may not have to actually (e.g., verbally) request directions, italready being inferred.

The direction-providing service may be a free service, a pay-as-you-useservice, and/or limited to paid subscribers. A person may have access tothe service as a result of being a valued customer of a particular bank.For example, a machine customer that regularly incurs machinetransaction fees to the bank may receive free access to themachine-directing service. The bank can provide (or pay for) the serviceon behalf of the valued customer. The level of service may vary with thetype of service to which the person has subscribed. For example, onetype of service may include having a personal assistant stay on a phonewith the person until they correctly and safely reach their desiredmachine, while another level of service may simply provide the streetaddress of the nearest machine.

FIG. 23 shows schematically the system of an exemplary embodiment thatmay be operated to minimize the risk of a user's financial account beingaccessed by an unauthorized person at an automated banking machine. Itshould be understood that the system is shown schematically and is shownschematically for purposes of facilitating explanation.

The system shown in FIG. 23 includes automated banking machines 402, 404and 406. The automated banking machines in some embodiments may be ATMsand in other embodiments other types of banking machines may be used.The automated banking machines are connected through one or morenetworks 408 with one or more remotely located computers.

In the exemplary embodiment, the remote computers include a hostcomputer 410. The host computer can include one or multiple computersthat are in operative communication with one or more data storesschematically indicated 414. The exemplary embodiment further includesone or more other remote computers. This is schematically represented bya server 416. Server 416 is also in operative connection with one ormore data stores 418.

In the exemplary embodiment, the host computer 410 is in operativeconnection with a wireless communication system schematically indicated420. Similarly, in this exemplary embodiment the server 416 is also inoperative connection with a wireless communication system schematicallyindicated 422. In exemplary embodiments, the wireless communicationsystem may be operative to provide connections to achieve communicationswith cell phones, such as phone 424 schematically shown in FIG. 23. Thewireless communication systems may be in operative connection with oneor more wireless networks. Alternatively or in addition, the wirelesscommunication networks may be operative to communicate wirelessly withother devices. This may include in some embodiments, the capability forcommunication of GPS data for tracking cell phones or other wirelessdevices, as previously discussed. Alternatively or in addition, thewireless communication capability may be usable for wireless tracking ofthe automated banking machines or other items.

In the exemplary embodiment, the automated banking machines may includeinput devices of the types previously discussed. This may include, forexample, a card reader which is operative to read data from user cardswhich correspond to financial accounts. The automated banking machinesmay also include other input devices which have a capability to provideuser identifying data. The exemplary automated banking machines may alsoinclude input devices such as keypads which are usable to receive manualinputs from users. This may include, for example, data such as personalidentification numbers (PINs). Keypads may also be used for receivingtransaction amounts or other user-provided inputs. It should beunderstood for purposes of this disclosure that keypads can includetouch screens or other devices that can receive user selectable inputs.

Exemplary automated banking machines may also include other inputdevices such as for example a bar code reader. Bar code readers may beusable to read for example one-dimensional or multi-dimensional barcodes for purposes of determining the data represented thereby. Ofcourse this is accomplished thorough operation of one or more bankingmachine computers that are included in each of the automated bankingmachines. Further, in some exemplary embodiments image capture devices,such as cameras, may be associated with or mounted near or within eachof the automated banking machines. The image capture devices may operatein connection with one or more computers and systems having thecapabilities described in U.S. Pat. No. 7,533,805, the entire disclosureof which is herein incorporated by reference. Of course thesecapabilities are exemplary and in other embodiments other approaches maybe used.

In the exemplary embodiment, the one or more servers 416 can havecapabilities like those described in U.S. Pat. No. 7,516,087, thedisclosure of which has been herein incorporated in its entirety. Thisincludes for example, including in the one or more data stores 418 datawhich corresponds to user data and messages or other actions to bepresented and/or taken when a particular user is determined to berequesting a transaction at a particular machine. This can include forexample, presenting certain specific determined messages to theparticular user based on stored information and/or criteria associatedwith that particular user.

In this particular exemplary embodiment, the one or more server datastores 418 include data corresponding to one or more predeterminednotification network addresses. The network addresses are associatedwith user data that is received by the server 416 responsive to a userconducting a transaction at a particular automated banking machine. Thisnetwork address data may correspond to one or more ways of communicatingwith the particular user. In exemplary embodiments, these ways ofcommunicating may correspond to communication with a user's cell phone.This data may include, for example, address data for calling theparticular user's cell phone. Alternatively or in addition, the addressdata may include data for communicating a text message to the user'sparticular cell phone. Alternatively or in addition, the data mayinclude an e-mail address at which messages are receivable with theuser's cell phone or other manner for communicating with the particularuser's cell phone or other mobile device so as to enable thecommunication to be provided to the user during or proximate to theconduct of a particular transaction at an automated banking machine.Furthermore, the exemplary embodiment of the one or more servers 416includes computer executable instructions that are operative to causethe server to generate message content appropriate for messages to becommunicated to a user's cell phone or other mobile device related toparticular transaction conditions. Alternatively or in addition, suchmessage generation capabilities may be associated with other connectedcomputers and/or the wireless communication system with which the server416 is connected.

In the exemplary embodiment, the host system may operate in a mannerlike that discussed in the incorporated disclosures to receive messagesfrom an automated banking machine and to cause a financial transferrelated to an account corresponding to card data on a card that is readfor purposes of carrying out the transaction at the particular machine.Thus for example, in exemplary embodiments the host 410 may receive oneor more messages from an automated banking machine at which a user isrequesting a transaction. These host messages may include datacorresponding to card data which identifies the user and/or theirfinancial account. The host messages may include data corresponding to aPIN number or other identifier presented by the user at the bankingmachine. The one or more messages sent to the host from the bankingmachine may generally also include information regarding the type oftransaction the user wishes to conduct. This may include, for example, acash withdrawal from the automated banking machine. The one or moremessages sent to the host may also include data corresponding to anamount associated with the transaction that the user wishes to conduct.This may include for example, in a cash withdrawal transaction, arequest for $200 to be dispensed from the banking machine and assessedto a user's checking account.

In exemplary embodiments the host may operate in accordance with itsprogramming based on data stored in the one or more data stores, todetermine that the card data corresponds to an authorized user whoseaccount is authorized to carry out the requested transaction. The hostcomputer may also operate in accordance with its programming todetermine that PIN number data or other data included with a messagecorresponds to that which is appropriate for the particular user oraccount. This is done based on the host computer operating to determinethat the data included in the message corresponds to data in the one ormore data stores 414. Of course these approaches are exemplary and otherapproaches can be used.

The host computer may also determine that the requested automatedbanking machine transaction is authorized for the particular accountand/or user, and operates to cause one or more messages to be sent fromthe host to the particular automated banking machine. This may include,for example, including data in the messages which indicates that thetransaction is authorized. In response to receiving the messages fromthe host, the automated banking machine operates to carry out theauthorized transaction. In this example, this would include operating acash dispenser to cause cash stored in the machine in the requestedamount of $200 to be dispensed to a user.

Of course in a situation where the host computer determines that thetransaction is not authorized, then the messages sent to the automatedbanking machine will indicate that the transaction is not to beconducted. In this case, the automated banking machine may operate todisplay an appropriate message to the user, and will also operate tocancel the transaction. In some embodiments, and based on the messagesfrom the host to the automated banking machine, the user card may bereturned to the user. In cases where the card is reported stolen orotherwise the programming of the host indicates the card is beingimproperly used, the messages to the automated banking machine mayoperate to cause the banking machine to capture the card. Of coursethese approaches are exemplary.

Furthermore, in exemplary embodiments the automated banking machine mayoperate once it has successfully carried out the authorized transaction,to generate one or more messages to the host to indicate the successfulcompletion of the transaction. This may be done through operation of theone or more banking machine computers included in the machine, whichoperate in accordance with their programming to cause such messages tobe sent to the host. The host may operate in accordance with itsprogramming in response to the data included in such sent messages tocause a financial transfer from the user's account in an amountcorresponding to the cash dispensed. Alternatively, if the automatedbanking machine was not able to carry out the transaction (for examplethe cash could not be dispensed), the at least one computer in theautomated banking machine operates to cause one or more messages to besent to the host with data indicating that the authorized transactioncould not be carried out. The host operates in response to such messagesfrom the automated banking machine to record that the transaction couldnot be completed. The host also operates in such circumstances inaccordance with its programming not to charge the user's account for thevalue of the requested transaction. The host may further operate inaccordance with its programming to cause a notification to be given inappropriate circumstances of a problem or other situation at the bankingmachine that will need to be remedied because the transaction could notbe completed. This might include for example, information that thetransaction was unable to be completed because the automated bankingmachine does not contain sufficient cash. The host may operate inaccordance with its programming to give notice to appropriate servicepersons to replenish the machine with cash. Of course these operationsand steps are exemplary, and in other embodiments other approaches maybeused.

In the system schematically represented in FIG. 23 the system mayoperate to provide additional assurance or security that a requestedtransaction at an automated banking machine has been authorized by theactual owner of the account. This is accomplished in an exemplaryembodiment by the user being contacted via a cell phone (or othermobile/portable device) message during the transaction through aparticular network address associated with the cell phone that they haveregistered for receiving notifications. In a manner previouslydiscussed, the cell phone's contact data can be associated (linked) in adata store with user identification data (e.g., account data). The useridentification data (or data corresponding thereto) can be read by theautomated banking machine. Thus, user data read by the automated bankingmachine can be used to access stored contact data for the correct cellphone.

In one exemplary embodiment, the cell phone operates to receive aparticular message or security data that the user is required to inputto the automated banking machine in order to have a transaction proceed.The security data can comprise a code. The received message can includethe security data, which may also be referred to herein as permission,authorization, confirming, consent, approval, identifier, or securitydata. User input of the transaction security data (e.g., code) at themachine is sensed through operation of the at least one banking machinecomputer. The code is compared and verified (determined) as theappropriate (e.g., same) code that was sent during the transaction tothe cell phone that is associated in a data store with the particularuser.

Of course if the user's card has been stolen, the message that is sentto the user's cell phone will alert the actual authorized user that a(fraudulent) transaction is being attempted. Of course the person (e.g.,a thief) attempting unauthorized use of the automated banking machinewill not receive the provided code. Thus, a fraudulent transactionrequest will not be authorized to be carried out even in circumstanceswhere a thief (i.e., as an operator of the machine) has an authorizedcard/ID and PIN number for a particular account.

The exemplary software logic flow carried out through operation ofbanking machine computers in the automated banking machine in a systemwhich has these capabilities is schematically represented in FIGS. 24and 25. As can be appreciated, before a user approaches the automatedbanking machine it may be operating in a wait mode. This may include,for example, outputting particular promotional messages or otherinformation to attract a user to the machine and/or providinginstructions to a user on how to commence a transaction with themachine. In the exemplary embodiment, the machine user may commence atransaction by inserting or swiping a card which includes datacorresponding to the user's financial account. This is representedschematically in FIG. 24 by a step 426 in which the machine operates tocause a user's card to be read. This can be done for example throughoperation of a card reader in the machine.

In accordance with the incorporated disclosure, the exemplary embodimentof the banking machine computer is operative to cause to be sent to theserver 416 one or more messages including data corresponding to at leasta portion of the read card data. This is represented in a step 428. Ofcourse as can be appreciated, the one or more messages to the server 416may be encrypted or otherwise configured so as to reduce the risk ofunauthorized interception of the data that is exchanged in the messagesbetween the automated banking machine and the at least one server 416.

In operation of the automated banking machine in this exemplaryembodiment, the machine then operates in accordance with the softwareinstructions to receive PIN data from a user. This is represented by astep 430. The user inputs their PIN number through a keypad or otherinput device on the machine. Of course it should be understood thatother input devices for receiving identifYing information may be used.This may include for example biometric inputs, facial recognitioninputs, or other inputs that are suitable for identifYing the particularuser or their account.

In the exemplary embodiment, the automated banking machine operates inaccordance with its programming to provide a user with transactionoptions that the user may select. These transaction options correspondto transaction types that the user could conduct at a machine. Theembodiment operates to receive from the user one or more inputs whichare indicative of the particular transaction type that the user wishesto conduct at the machine. This is represented by step 432. For purposesof this example, it will be presumed that the user wishes to request acash withdrawal from their account, such as their checking account.

Step 434 represented in FIG. 24 corresponds to receipt by the automatedbanking machine from the user of the particular amount associated withthe transaction that they wish to conduct. In this case the amount ofthe cash withdrawal would be $200. The automated banking machineoperates to receive through inputs from the user, an indication thatthis is the amount of the particular cash withdrawal that the userwishes to receive. This can be done through a keypad, touch screen, orother suitable input devices.

In the exemplary embodiment of the system represented in FIG. 23, theautomated banking machine operates responsive to one or more servermessages from the server 416 to provide a particular output for usersthat have elected to receive a service in which additional authorizationis required in order to conduct transactions. This includes in thisexemplary embodiment, responsive to operation of the server 416, receiptof a message through their designated mobile phone or other portabledevice, which indicates the occurrence of a transaction at an automatedbanking machine. Further in this exemplary embodiment, the serveroperates in the manner later described in detail to cause to be sent tothe mobile phone, a particular code (or other transaction relatedidentifier) which the user must input/provide to the banking machine toallow the machine to carry out the requested transaction.

In some systems, a requirement for additional transaction authorizationmay be triggered by the type of transaction being requested. Forexample, if a cash withdrawal transaction is requested and the user carddata corresponds in a data store to a cell phone contact, then asecurity code may be sent to the cell phone. Thus, based on thetransaction type, the banking machine can be programmed to additionallyexpect or request the machine user (during the transaction) to inputdata corresponding to a security code. However, even though an accountmay be associated with a cell phone, other types of account transactions(e.g., an account balance request transaction) may not necessarilytrigger the additional security steps that include the sending of asecurity code to a customer's cell phone followed by user input of thecode to the machine. In such a scenario, the banking machine may beprogrammed to not expect any user input of data corresponding to asecurity code.

In an exemplary embodiment, at least one computer of the machine isprogrammed to carry out a transaction, such as a cashwithdrawal/dispensing transaction. The programming may cause thecomputer to carry out the transaction in stages. For example, in a firststage of the transaction the machine computer causes a reader device(e.g., card reader) to obtain user identifying data from a user of themachine. In a second stage of the transaction the computer sends amessage to a remote computer (e.g., server). The message causes cellphone contact data to be obtained (by the remote computer) from a datastore which associates the cell phone contact data with the useridentifying data. The message also causes a security code to be sent(through operation of the remote computer) to the user cell phone whichcorresponds to the cell phone contact data. In a third stage of thetransaction the computer receives user inputted data through an inputdevice of the machine. In a fourth stage of the transaction the machinecomputer causes cash to be dispensed, based on the received user inputcorresponding to the sent security code. Of course it should beunderstood that other transaction stages/steps can occur between thesementioned stages. For example, before the fourth stage the machinecomputer can cause data corresponding to the inputted data to be sent tothe remote computer for comparison with the security code, and receivefrom the remote computer data corresponding to the comparison result,which the machine computer operates to use in determining to eitherallow the transaction to proceed or to deny the transaction.

In some exemplary embodiments, the code may be a random one-time usecode that is generated through operation of the server (or othercomputer in operative connection with the server) executing a randomcharacter generation program. The random characters may include in someembodiments, numbers, letters, or other characters which are included ina code that otherwise cannot be predicted in advance, and which the useris required to input to allow the transaction to proceed. Thus, in theexemplary embodiment, in step 436 the machine receives from the user inresponse to a (message) output through a banking machine display device,the (same) code that the server caused to be sent to the user's mobiledevice. Of course it should be understood that if the transaction is notbeing conducted by the authorized user, then the person conducting thetransaction will not know the required code. Thus, the person will notbe able to input the correct code, and therefore will input an impropercode or no code. Alternatively, in some embodiments the mobile devicemay include software which resolves a different code that has acorresponding relationship to the server generated code, which can beidentified when input to the machine as corresponding to the servergenerated code.

Furthermore, code entry can be time sensitive. Thus, if the personoperating the automated banking machine does not input the correct codewithin a given time period, the machine may operate to cancel thetransaction and return to its initial waiting state. The machine mayalso operate in accordance with its programming to return the user cardto the user.

In the exemplary embodiment, after receiving the code from the user, theautomated banking machine computer operates in accordance with itsprogramming to send one or more messages to the server 416. These one ormore messages include data corresponding to at least a portion of thecode that was received from the user. This is represented in step 438.Of course as can be appreciated as in the case with the other servermessages and host messages, such messages may be appropriately encryptedor otherwise configured to reduce the risk of interception.

In the exemplary embodiment, the server operates in the manner hereafterexplained to determine if the user-inputted data (corresponding to thecode) that was sent by the automated banking machine to the server instep 438, corresponds to the (same) code that the server generated andcaused to be sent to the user's mobile device. The server operates inresponse to this determination to send to the automated banking machine,one or more messages with data which indicates whether the user-inputteddata corresponds to the data (code) that was included in the one or moremessages sent to the cell phone. Machine receipt of these messages isrepresented by a step 440 in FIG. 25.

In a step represented 442, the automated banking machine computeroperates in accordance with its programming to determine from the one ormore messages received in step 440 whether the data included thereinindicates that the transaction should proceed. If the server determinedthat the transaction should not proceed, the banking machine computeroperates in accordance with its programming to return the user's card.This is represented in a step 444. The machine also operates to cancelthe transaction as represented in step 446. However, as can beappreciated, a record of the transaction may be recorded and stored inthe machine, at the server or in other connected computers so as toprovide data usable to determine whether there is a pattern of possiblefraudulent activity related to a particular card. After canceling thetransaction, the machine then returns to its waiting state to beginanother transaction.

In the exemplary embodiment, if the one or more messages received by themachine from the server indicates that the transaction should proceed,then the automated banking machine operates in accordance with itsprogramming to send one or more messages to the host 410. These one ormore messages may be of the type previously discussed which include datacorresponding to the card data, identifying information such as the PIN,transaction type, and amount. The sending of such one or more messagesto the host is represented by step 448. Therefore, after performing theadditional security process, the machine can communicate with the hostto carry out the transaction process. As later described, part of thetransaction process may occur while the additional security process isbeing carried out.

The host operates in response to the receipt of the messages from theautomated banking machine to determine if the card data corresponds toan authorized financial account and whether the account is authorized toperform the transaction in the amount requested. The host also operatesto cause to be determined whether the PIN number or other identifyingdata corresponds to a particular authorized user that is permitted toconduct a transaction on the account. Based on this determination, thehost operates to send one or more messages to the machine which includesdata corresponding to whether the transaction should be allowed toproceed. These host messages are received by the automated bankingmachine as represented in a step 450.

The banking machine computer then operates in accordance with itsprogramming to determine if the messages received from the host indicatethat the transaction is authorized by the host. This is represented in astep 452. If the data included in the one or more messages from the hostindicate the transaction is not authorized, the banking machine willoperate in accordance with its programming to return the user's card.This is represented in step 454. The machine will also cancel thetransaction as represented in step 456. In the exemplary embodiment, themachine will then return to the waiting state for another transaction.Of course it should be understood that in some embodiments the one ormore messages returned by the host may indicate that the user's card isto be captured, additional images are to be taken of the user, or otheractivities are to be conducted through operation of the one or morebanking machine computers. The steps taken depend on the particularprogramming of the system and the content of the particular messagesreceived from the host computer. It should be understood that the stepsdescribed are exemplary and in other embodiments other steps orapproaches may be used.

If the one or more messages received by the automated banking machinefrom the host indicate that the transaction is authorized to be carriedout, the automated banking machine operates in accordance with itsprogramming to cause the particular devices of the machine to operate soas to complete the transaction. This is represented by a step 458. Thisincludes for example, dispensing cash through operation of the cashdispenser to the user in the amount of the $200 requested. This may alsoinclude the operation of other devices such as a printer to provide theuser with a receipt, operating the display to provide the user withinstructions to take their cash, or other steps/operations. Further, itshould be understood that the automated banking machine computer mayoperate in accordance with its programming to provide the user withpromotional or other messages such as those described in theincorporated disclosure as the transaction requested is being fulfilledthrough operation of the devices of the banking machine.

The automated banking machine of the exemplary embodiment operates inaccordance with its programming to send one or more messages to thehost. These messages indicate whether the transaction that wasauthorized was enabled to be successfully carried out. This isrepresented by a step 460. If the transaction was enabled to besuccessfully carried out, the host computer operates responsive to thedata included in the one or more host messages to cause the user'saccount to be assessed for the value of the cash dispensed. Of course ifthe transaction could not be carried out, the host may operate in themanner previously discussed to avoid assessing the user's account forany amount. The host may also operate in accordance with its programmingto cause notifications to be given or to take other steps to remedy anyservice problem that may be determined to exist at the machine which maybe preventing the machine from fully carrying out transactions.

In the exemplary embodiment, after sending the messages to the hostregarding the fulfillment of the transaction or taking the other steps,the machine can return to its waiting state pending the initiation ofanother transaction by a user. This is represented in FIG. 25 by a step462. Of course it should be understood that this schematic logic flowwhich is represented in FIGS. 24 and 25 is a schematic functionalrepresentation of program logic and additional actions and steps may becarried out through operation of the one or more banking machinecomputers.

Furthermore, it should be understood that the steps carried out by thebanlcing machine computer are carried out by computer executinginstructions that are recorded on one or more articles in the machinewhich hold such instructions. Such articles may include for example ahard drive which includes the data and software used in operation of themachine. The hard drive may be in operative connection with the one ormore banking machine computers. Alternatively or in addition, otherarticles which include computer executable instructions may includeflash memory devices, DVDs, COs, read-only memories, programmableread-only memories or a.11y other form of electrical, magnetic oroptical storage media from which computer executable instructions anddata may be recovered for execution. Thus, programming software cancause banking machine computers to perform transaction operations.Similarly, other computers operated in the system may have computerexecutable instructions stored on similar articles for purposes ofcarrying out their program steps. This includes for example, articles ofcomputer readable media associated with the servers and the hostcomputers used in the system.

The logic executed by the server 416 in the course of the transactionjust described is represented in FIG. 26. As shown therein, the server416 receives the one or more messages from the automated banking machinewhich includes data corresponding to at least a portion of the card dataand/or other user data which is sufficient for the server to identifydata that is associated with the card and/or a user. This is representedschematically by the step 464.

In an exemplary embodiment, users are enabled to sign up for the serviceeither by mail, through an online interface, by phone, or other suitablemethodology that eventually results in data being stored in one or moredata stores 418 associated with one or more servers. This data is usableto indicate whether a user card/account or other user data is associatedwith someone who has signed up for the additionalauthentication/security requirements.

It should further be understood that in some embodiments the card datawhich was sent to the system which identifies the user, may include notonly account data which identifies the particular account, but may alsoinclude the user name on the user's particular card. It may also includeother features such as biometric data, data corresponding to facialrecognition data, or other data which may identify a particular userbeyond the particular account data. This may include name data encodedon the magnetic card stripe. This is useful where spouses share a common(same) account but have different user cards (and phones), each of whichincludes the user's name. Thus for example, some embodiments may operateto send the user name data to the server so as to distinguish thepredetermined notification network address associated with a cell phonefor each particular spouse. This enables for example, the particularbanking machine user (first spouse) to be notified of the transactionthrough their cell phone (or other portable device) based on the datareceived at the banking machine, even though their account data isidentical to that of another user (second spouse). Of course it shouldbe understood that tl1is approach is exemplary and in other embodimentsother approaches may be used.

In the exemplary operation of the server, the server operates inresponse to the data received in the messages from the automated bankingmachine to determine if the data received corresponds to a user who hassigned up for the service. This is represented in a step 466. This isdone by the server recovering and analyzing the data regardingregistered users included in the one or more data stores 418. If thedata received from the automated banking machine does not correspond toan individual who has signed up for this service, the server may operatein accordance with its programming to return one or more messages to theautomated banking machine. These messages may include for example, amessage that causes the machine not to require the input of a code asassociated with a step 436. This will allow the automated bankingmachine to proceed to verify the transaction based solely on the dataassociated with the card and PIN data sent to the host. Alternatively orin addition, the server may operate in accordance with its programmingto cause one or more messages to be sent to the banking machine whichcause the machine to present to a particular user, information about thefact that the secondary/additional authentication provided through amobile device is available and to consider signing up for this service.Further as previously discussed, users in some embodiments may beprompted as to whether they wish to sign up for this service through thebanking machine in the manner of special user messages and responseslike those of the incorporated disclosure. This may be done after theuser has been authorized by the host as an individual who is authorizedto conduct transactions at the banking machine by having their card, PINand/or other data verified. Of course these approaches are exemplary.The sending by the server of the one or more messages to the automatedbanking machine so as to indicate that a mobile provided code will notbe required to conduct the transaction is represented in FIG. 26 by step468.

If in step 466 the data received from the automated banking machineindicates that the particular card data associated with the transactionis registered to require the additional authentication required by thesystem, the server 416 operates to generate a code. This is representedin a step 470. As previously discussed, in some exemplary embodimentsthis code may correspond to a random code or a code that has at leastone random portion. For example, in some embodiments the random code maybe generated through operation of random number generation softwareoperating in the server. This random code in some embodiments may be acode that is not predictable in advance of the time of the particulartransaction. Alternatively the server may operate to generate other datawhich can be used to obtain an input from the user at the machine whichverifies the identity of the user. For example, the server might operateto generate data which corresponds to a message which includes a queryto which only the authorized user could readily know the answer (and theanswer to which corresponds to data stored in at least one data storeaccessible by the server). Examples would be messages that prompt a userto enter their year of birth or the last four digits of their socialsecurity number. The message the server resolves could be a random oneof several such possible messages, each of which includes a query to theuser that has a response that would likely only be readily known by theuser. For purposes of this disclosure data corresponding to such amessage with a query which has an associated proper response input fromthe user that the server can identify as corresponding to the messagethat includes the query, will also be considered to be a code forpurposes hereof. Of course these approaches are exemplary and in otherembodiments other approaches may be used.

The server of the exemplary embodiment then operates as represented by astep 472 to cause the random code to be sent to the particular cellphone which corresponds in the one or more data stores with the userdata received. This is done in the exemplary embodiment by the serveroperating to determine from the user data it receives from the bankingmachine, the predetermined notification network address (e.g., phonenumber) which corresponds to the particular cell phone associated withthe user of the card that has been presented at the automated bankingmachine. The data store may also operate to include the particular typeof notification to be given to the address. This may include for examplea text message, e-mail message, voice notification message, or othersuitable message sufficient to notify the user of the code that isrequired to be input to the banking machine in order to allow thetransaction to proceed. One or more data stores associated with theserver may include data corresponding to the particular method ofnotification to be given to a particular user. It may also includeinstructions which are operative to cause notification to be giventhrough different alternative methodologies. For example, the user maybe given a minute to acknowledge a text message which is sent to theirspecified cell phone. If acknowledgment of the message is not receivedwithin the programmed time period, a phone call to the cell phone andcommunicating the data through an AVR system may be utilized. Further,in some embodiments if the user fails to acknowledge receipt of the codeto the system within a particular time period, the server may operate toprevent the transaction from being accomplished. Of course someembodiments may not require an acknowledgment of receipt of the codebeyond input to the banking machine. It should be understood that thesedescribed approaches are exemplary and other approaches and steps may beused.

As represented in the step 472 the at least one server 416 operates tocause the code that is generated through operation of the server and a nappropriate message to be sent to the user's cell phone through thewireless communication system 422. Of course as can be appreciated, thevarious steps and additional notifications may be given in somealternative embodiments in accordance with the programming of theparticular system. The message that is dispatched from the server isreceived by the phone 424 that has the network address data that isassociated in the at least one data store with the particular user datafor the card that is being used in the transaction. The user in responseto receiving the particular code on their phone, will then provide thecode (or a response or other data corresponding to the code depending onthe particular system) through one or more input devices to theautomated banking machine in a step 436. In some exemplary embodimentsthe message to the user's phone may include a statement that atransaction is currently conducted at a machine and they are required toinput the particular code in order to allow the transaction to proceed.Such a message will also operate to alert a user who may not be at anautomated banking machine that a fraud is being attempted. The messageto the user's phone may also indicate to the user a need to provide aparticular responsive message if, in fact, they are not conducting sucha transaction and they believe that such a transaction to be fraudulent.This may include for example the user providing one or more text messageinputs, inputting a specified character (e.g., #2), calling, orotherwise contacting one or more network addresses to provide an inputor message that will cause the server and/or the host to block thetransaction.

Alternatively or in addition, in some embodiments the message sent tot.1.e user's cell phone may give the user the option to allow thetransaction to proceed even though the code is not presented. This maybe done for example in circumstances where the user has given their cardto a child or other person for use on a temporary basis and the user isnot with the child or other person at the time. This may be done in someembodiments by the user being instructed to provide an input through thephone of one or more types of confidential information that would onlybe known to the particular user. This might include for example a secretcode other than the PIN, the user's mother's maiden name, or othersecret data or data that would generally readily be known by the user tothat has been established and recorded in a data store previously.Providing such an option may enable a transaction to proceed inemergency circumstances. It will also prevent a transaction fromproceeding in circumstances where the user does not wish for thetransaction to proceed. Of course these approaches are exemplary.

Further, while the exemplary embodiment discusses the presentation of acode that a user is allowed to manually input to the banking machinesuch as through a keypad, other embodiments may cause the code to beinput in other ways to the machine. This may include for example, havingthe mobile device output a two or three-dimensional bar code on thephone display. The bar code may include the data to authorize thetransaction. The bar code may be input in some exemplary embodiments bythe bar code reader of the particular automated banking machine readingthe bar code from the display of the cell phone. Alternatively or inaddition, the automated banking machine may include features like thosediscussed in U.S. Pat. No. 7,516,087 the disclosure of which has beenherein incorporated by reference in its entirety. In such cases theautomated banking machine may be associated with an image capture devicesuch as a camera. The phone may be caused responsive to operation of theserver to output visual images on the display of the phone or severalvisual images which are captured through operation of the image capturedevice. For purposes hereof such phone output and machine capturedimages correspond to and are considered the particular code that isusable to allow the transaction. Of course these approaches areexemplary of approaches that may be used.

Assuming in an example embodiment that the user properly receives amulti-character code through their mobile device, the user inputs thecode through at least one input device of the represented in step 474.In this exemplary embodiment, the server determines if the machine sendsone or more messages with data having a predetermined relationship tothe particular code within the permitted time period (e.g., a time outperiod). If such messages are not timely received, then the serveroperates in accordance with its programming to send one or more messagesto the automated banking machine which are operative to cause themachine not to allow the transaction to proceed. This is represented ina step 476.

If the server receives one or more messages from the automated bankingmachine within the time period permitted, the server operates to receivethe user-inputted data (e.g., expected data corresponding to the code)as represented in step 4 78. The server then operates in accordance withits programming to evaluate this received data (corresponding to thecode) as represented in step 480. In step 480 the server operates tocompare and evaluate the data in the one or more received servermessages to determine if the data received has a predeterminedrelationship to the authorization data (i.e, the security code) that wassent in the one or more messages to the mobile phone. The predeterminedrelationship may require that the userinputted data received identicallycorresponds to the data that was sent to the mobile phone. Alternativelyor in addition, the sent/received data may have a mathematical or otherrelationship, or be within a predetermined range of acceptability. Thismay include for example that the data corresponds to a hash or othercorresponding data generated through operation of software operating inthe phone that can be evaluated for purposes of determining that theproper code data has been input. Other predetermined relationshiparrangements may be based on user provided data containing apredetermined percentage of sent characters or their order. Numerousapproaches including alternatives of the types previously described maybe taken depending on the nature of the authorization data that is sentto the cell phone and the particular programming of the system.

In a step 482 the server operates to make a determination whether thedata it has received has the required predetermined relationship to theauthorization data (e.g., code) which the server caused to be sent tothe cell phone. If the determination is negative, then the transactionis not authorized. In this case the server operates to send one or moremessages to the automated banking machine with data included thereinwhich indicates that the transaction is not to proceed. This isrepresented by step 476.

Alternatively, if the determination analysis indicates that the datainput by the user to the banking machine corresponds to the data (e.g.,code) sent in one or more messages to the cell phone, then the serveroperates to send one or more messages to the banking machine with dataincluded therein that indicates that the transaction is allowed toproceed. This is represented by step 484. As can be appreciated, thesemessages which are sent from the server to the automated banking machinecorrespond to the messages received through operation of the bankingmachine computer in step 440 shown in FIG. 25. Alternatively in someembodiments if a transaction is not allowed to proceed, the server maynot send a message to the banking machine and the pending transaction isblocked through a time out or other feature. Of course these approachesare exemplary.

Other embodiments may include other or additional approaches. This mayinclude for example a variation of the approaches already described. Inthis alternative approach, the transaction proceeds in the mannerpreviously discussed. However, rather than the automated banking machinesending messages which include the user inputted data (corresponding tothe code) to the server, and then have the server perform the datacomparison, the server operates in accordance with its programming tosend one or more messages including the code to the automated bankingmachine. This may include for example, the server sending datacorresponding to the generated code in one or more messages to theautomated banking machine. This enables the automated banking machine tocompare/determine if the user inputted data corresponds to theparticular code that the server generated. The automated banking machinemay operate in accordance with its programming to determine if the codedata input by the user corresponds to the code data that it has receivedfrom the server. The automated banking machine may also be in operativeconnection with comparison computers that can perform the datacomparison/determination on behalf of the machine.

Alternatively or in addition, the server may send a hash or other valuebased on a mathematical manipulation of the particular code data in away which enables the automated banking machine to operate to compare amathematical manipulation of what is input at the machine to theparticular data that the automated banking machine has received from theserver. In this manner the automated banking machine then makes thedetermination as to whether the user inputted data corresponds to theauthorization code sent to the mobile device so as to allow therequested transaction to proceed.

In still other embodiments, the system may operate to make the decisionat other points in the banking machine transaction flow. For example, anexemplary embodiment has been described as making a determinationconcerning whether the user inputted data corresponds to theauthorization data sent to the user's cell phone, prior to the machinesending messages to the host requesting the transaction. In alternativeembodiments, such host authorization allowing the transaction to occurmay be given and a decision not to allow the transaction to proceed maybe made at any point up through the time that the cash is dispensed (orother transaction steps which give monetary value the banking machineuser have been carried out). For example, the automated banking machine,at any point in its logic flow before completing the transaction, mayoperate in a modified form of its programming to make the determinationthat the user inputted data corresponds to the security data sent to thecell phone through operation of the server. This may have a transactiontime advantage in the event that there is a delay in banking machinecommunication with the server, whereas the banking machine communicationwith the host (to otherwise authorize the transaction) is not delayed.Thus, the additional security authorization can occur simultaneously(and independently) with the transaction authorization. However,completion (e.g., dispensing the cash) of the host-authorizedtransaction will not be carried out until the additional securityauthorization is completed.

Further, it should be understood that the server 416 may be operatedlike the server of the incorporated disclosure so as to performmarketing or other messaging functions for the banking machine users inaddition to the authorization function. This may include for examplegiving a user the option to sign up for the service through the bankingmachine as previously discussed. This would include providing throughthe interface of the machine, output screens and/or audible outputs thatquestion a user not already enrolled for the service concerning whetherthey would like to sign up for the security service. If the userprovides a positive response, the user would be prompted through afurther output to provide the number or other system address data oftheir cell phone or other mobile device. The machine at which the userprovides such inputs may operate in accordance with its programming tofurther send one or more messages to the server that acquires such signup data, to cause the server not to finalize or to delete the enrollmentof the user for the service if the user transaction that is conducted atthe machine in connection with the enrollment is denied. Thus forexample, if the transaction is denied because the user does not have thecorrect PIN for the card, or the card is otherwise blocked fromperforming transactions by the host or a related transaction authorizingcomputer because the card has been reported stolen, the account isblocked, or the account is overdrawn, the user will not be enrolled forthe service. The machine utilizing the principles of the incorporateddisclosure may also include the ability for the user to change the cellphone notification information or other data as may be appropriate.Alternatively, the authorization system and the marketing system may beoperated as independent systems. The approach taken depends on theparticular systems used and the programming of the computers involved.

Alternatively, in other embodiments the host system may operate througha connection with a wireless communication system to perform the(server) functions described. These may include for example, the hostsystem being in communication with one or more databases or othercomputers which determine whether a particular user has requiredadditional authentication in order to conduct a transaction. Thus, thehost may operate in accordance with its programming to generate thecode, cause it to be sent to the user's cell phone, evaluate the datainput by the user to the banking machine, and carry out the other stepsthat are indicated in the previously described embodiment as carried outthrough operation of the server. Modifications may be made to the hostmessages to provide for the additional messages or for additionalmessage content so as to enable the host to have this addedfunctionality. Of course these approaches are exemplary and in otherembodiments other approaches may be used.

In still other embodiments, the banking machine can wirelessly send thesecurity code to the phone. For example, the machine may call the phone.Alternatively, the machine may use a RFID device or NFC device totransmit the code to the phone, requiring both the phone to be near themachine. Alternatively, the server or host could send the security codeto the user's mobile device, which could then wirelessly communicatedata corresponding to the code to the machine, either automatically orin response to user input to either the phone, the machine or to both,depending on the programming of the various computers. Alternatively orin addition, some embodiments may require input of the code sent by theserver to an input device of the machine, and may also require directlocal wireless communication between the machine and the mobile deviceof data to establish the mobile device is in proximity to the machine toallow the transaction to proceed. Further alternatively or in addition,GPS data from the mobile device and/or the machine may be required toalso correspond to the mobile device being in proximity to the machineto allow the transaction to proceed. Of course other techniques forsending a security code from the machine to a phone may be used. Theautomated banking machine may also be operated to generate the securitycode. That is a transaction device, machine, system, or arrangement(e.g., ATM, POS) may receive the account number, generate a securitycode, transmit the code to a device (e.g, mobile device) affiliated withthe account, receive a returned code from the account holder's device(or some other device/platform associated with the account holder), andcompare the transmitted code to the received code.

As previously discussed, the exemplary security arrangements allow for auser's account (or card) to be temporarily blocked for a giventransaction or for all transactions. The user can control this temporaryblockage. Thus, the security system provides for consumer card controlcapability.

An exemplary security arrangement enables a user (the holder/owner of anaccount) to independently reconfigure their account's securityprotection at any time they desire. A user of the security service canturn their card (or account) “on” or “off”. If a card is “on” then thepreviously discussed security methods for protecting against fraudulentuse of the card can apply (e.g., need for user to input a received codeto authorize a transaction, need for a user's cell phone to be locatedadjacent the machine, etc.).

If the user's card is set as “off” then the service will prevent alltransactions from occurring against the user's card. In some embodimentsthe transaction prevention process can be carried out without making theuser aware of the attempted transactions. User action (or inaction) isnot required to prevent an unauthorized transaction. For example,specific transactions can be denied without contacting the user to inputa phone-received code, and not waiting for inaction by the user withregard to correct code inputting (e.g., into a machine or into a cellphone). Similarly, a transaction at a transaction machine is deniedregardless of the user's cell phone location (e.g., GPS location)relative to the transaction machine's location. In such a situation, alltransactions are denied as if the user does not have a cell phone. Thus,all transactions can be denied regardless of whether or not the user hasa cell phone.

The status of a user's card can be temporarily set at “off” until theuser enables (or activates) the card again to the status of “on”. One ormore data stores can store of the current status of each of a pluralityof accounts/cards. Such a data store (e.g., 412, 418) can be accessed bya security server (e.g., 416). In other arrangements a transaction host(e.g., 410) and/or a transaction device (e.g., 402, 404, 406) can alsoaccess the data store.

In some embodiments a user can independently directly change thesecurity status of their card/account between “off” and “on”. A user mayhave several contact points to use in order to cause the data store tochange the security status. A user can contact a system computer 416,410, 402 (or another computer that is associated with the securityservice) in order to change their account's “off” and “on” status. Forexample, a customer can change their account's on/off status viamessages that provide customer input to any of the security server 416,a transaction host 410, or a transaction device such as a machine 402.Each of the security server 416, transaction host 410, and machine 402comprise at least one computer operating software instruction thatenables them to receive one or more messages corresponding to a customerrequest to change account status.

The manner of changing their security status/level can be carried outthrough various methods, including using a fixed device (e.g., land linephone) or a mobile device (e.g., cell phone). For example, a particularphone number can be used by users to change data corresponding to theiraccount status stored in the data store. Their account status can alsobe changed through use of a computer (e.g., a PC), such as by messagesexchanged using a web application at an online home banking site.

Upon calling the particular phone number or other access address thesystem computer (e.g., the security server 416) can recognize the useras a person authorized to change the account status. The security server416 can recognize an authorized user through use of caller ID, a PCcomputer ID, an inputted unique authorization code, a private securityPIN designated for changing account status, verification of digitalsignature or digital certificates associated with a device, or someother verifiable security feature or combinations thereof. The securityserver 416 can operate to provide messages that direct or guide the useron how to provide input to change their account status. Such inputprovided by the user may include number/character key input, textmessage input, and/or voice input.

In response to receiving one or more messages corresponding to a user'sauthorized request for a change in their account status, the systemcomputer automatically operates to cause the data store (where datacorresponding to the status is stored) to automatically change thestored status. Thus, in some exemplary embodiments the ability of a userto automatically change their own account status (via automated computercommunication) does not require use of hu man service provider. Thesystem computer has software (including computer executableinstructions) that automatically causes a user's “off” and “on” statusto be changed in a data store immediately responsive at least in part toreceiving one or more communications corresponding to the user'srequest. The automation in some embodiments may enable the change to bemade in real time or near real time.

As previously discussed, the exemplary account on/off functionalityenables a user to directly change the availability (status) of theiraccount for transactions regardless of whether they own a mobile device(e.g., a cell phone) or a computer. That is, the card securityfunctionality is independent of any user device ownership. For examplein some embodiments a public or borrowed device can also be used toachieve a desired change in account protection status.

An account may be temporarily turned “on” so that transactions can beauthorized just before a transaction on the account is to be performed.For example, a bank account may be activated just before a machine cashwithdrawal is requested. Likewise, a credit/debit card account may beactivated just prior to paying for a purchase. Soon (or immediately)after an account is used for a transaction the account can then bedeactivated by being turned “off” to block further transactions. Thus,in some embodiments a person in a merchant store (e.g., a restaurant)can both activate and then deactivate (i.e., unblock and then blocktransaction capability) their debit card while being located in thestore.

As can be seen, the exemplary card security service can protect aregistered account from any (and all) transaction activity, includingon-line purchases, POS transactions, ATM transactions, etc. The abilityof an account holder whose account remains an open account with theirbank, credit card company or other account holder, to temporarilyactivate and deactivate their account on demand adds another level ofsecurity protection to the account. In example embodiments a customercan independently (and in real time or near real time) put a temporaryhold on their account for protection against unauthorized usage of theiraccount, and only remove (lift) the hold when necessary to allow atransaction that they initiate.

FIG. 27 shows schematically an exemplary security system server 416 inoperative connection with each of a phone 424, personal computer 486,ATM 402, POS device 490, and an online entity 494 (e.g., an onlinemerchant computer). FIG. 27 shows that a customer can request a changein their on/off account status by notifying the account status server416. The request includes one or more communications with the server 416through the phone 424 or the PC 486 via one or more networks 408. Aspreviously discussed, the server 416 is in operative connection with atleast one account status data store 418 which can store datacorresponding to the current on/off (unblocked/blocked) status of thecustomer's account.

The server 416 can receive one or more account status checkcommunications from the plurality of different transactiondevices/machines 402, 490, 494. The server 416 can respond to suchcommunications by checking the account status data store 418, and thenproviding one or more communications indicating either an accountclosed/invalid status or an account open/valid status. For example,stored data may indicate an account is open and valid, even through theaccount may be currently set responsive to stored data based on amessage received from the account holder, as “off” or blocked. Accountsthat are closed or invalid may correspond to those that cannot havetransactions conducted thereon, regardless of user settable blocked orunblocked status. These may include, for example, accounts that the userhas closed and discontinued. Such accounts may also include accountswhere the corresponding card has been reported as stolen and the entityholding the account has closed the account, or situations where theinstitution, credit card company, merchant store or other accountholding entity has identified possible fraud activity and hastemporarily or permanently closed the account. Thus in an exemplaryembodiment the server operates to determine if the account on which atransaction is requested is open and/or valid or closed and/or invalid,as well as if the account is open, whether the account is currentlyblocked by the user from being used to conduct transactions or currentlyunblocked by the user and available to conduct transactions. As aresult, a transaction may be either approved or disapproved based on theresponse provided by the server 416.

The server 416 can constitute one or more computers and/or servers. Theserver 416 includes software (including computer executableinstructions) that enables it to operate to receive messagescorresponding to user requests, access the account status data store418, modify or transform data in the data store, and provide one or moreconfirmation messages indicative that the user request was completed.

The exemplary security system arrangement of FIG. 28 is similar to thearrangement shown in FIG. 27, except a financial entity 488 isoperatively intermediate the network 408 and the server 416. Thefinancial entity 488 holds and maintains the customer's account. Thefinancial entity 488 operates one or more computers and can be a bank,credit card company, merchant store chain, brokerage company, or anyother entity that has accounts.

The FIG. 28 arrangement allows a customer to request a change in theiraccount's on/off status by notifying the financial entity 488. In anexample arrangement request can be one or more messages, communicated toa computer of the bank 488 through a phone 424 or a personal computer486 (or some other personal device) via the network 408. For example, arequest can be submitted to the bank through communication withcomputers that operate the bank's web site. Additionally, the phone 424may be able to directly connect with a computer interface of the bank.The one or more computers of bank 488 is in operative connect ion with(and can communicate with) the account status server 416. Upon receivingthe sent request, a bank computer communicates automatically messagesthat inform the server 416 of the customer's request. The exemplary FIG.28 arrangement allows a customer to change their account's status bynotifying their bank instead of an entity controlling the server 416.

The exemplary server 416 can receive messages corresponding to accountstatus requests from a plurality of account maintaining entities,including the financial entities. The server 416 can operate responsiveto each request by changing the data corresponding to an account'sstatus in the data store 418. The server 416 can also communicatemessages corresponding to a status change confirmation back to the oneor more computers of the financial entity, which in turn can notify thecustomer that the account's status has been changed. Alternatively, theserver can directly notify the customer without involving the financialentity.

The FIG. 29 example security system arrangement shows a financial entity488 which will be referred to herein for simplicity as a bank, keepingits own account status records instead of a server 416 which in someexamples may be operated by a different entity. The financial entity 488which includes one or more computers can be a bank where the account isheld. The bank 488 is operatively connected with one or more data stores492, which stores the data corresponding to on/off status for aplurality of accounts.

In FIG. 29 the host 410 can be the computer that communicates with aplurality of transaction devices, including for example a POStransaction terminal 490 and an ATM 402. In an account verificationoperation, the POS terminal or an associated device (collectively andindividually referred to herein as a POS terminal) sends one or moremessages corresponding to a request that the host check whether atransaction should be approved. The POS terminal sends transactiondetails, including the account number, to the host. From the accountnumber the host can operate in accordance with its programming todetermine that the bank 488 is affiliated with the account. The hostthen operates to communicate to ask the bank computers whether thetransaction should be approved. The bank computer operates to check thecurrent availability of the account based on the data corresponding tothe account's on/off status stored in the bank's data store 492. If theaccount is currently set to “off”, then the bank computer operates tocommunicate to notify the host that the transaction is not approved. Inthis embodiment no other transaction checks (e.g., account balance,etc.) by the bank are necessary. If the account is determined by thebank to be currently set to “on”, the bank computer can operate toconduct the analysis of whether the account is open and valid and thespecific transaction approval/disapproval process, and then notify thehost of the results. The host will then operate in response to themessages from the bank computer to communicate appropriate messages withthe POS terminal.

It should be understood that the security system arrangements shown inFIGS. 27, 28 and 29 are exemplary, and that other variants of thedisclosed security system arrangements employing similar principles maybe used. This can involve the use of other or additional processes andsteps to allow or deny transactions.

In some exemplary embodiments transactions on an account are onlypermitted while the account hold is lifted and unblocked. Anytransaction attempted on the account while the account hold is in placeand transactions are blocked is denied. However, some exemplaryembodiments may allow for programmed switching of account status forcustomer-specified transactions. For example, an online banking systemof a bank 488 which enables customers to pay bills such as utility billsor mortgage payments via direct withdrawals may allow a customer to usetheir PC 486 to pay pending bills on a specified date. The one or morecomputers which comprise the online banking system can be programmed tocause the customer's account to be automatically temporarily unblocked(if not already unblocked) to pay a specific bill on a specific date.The bill pay software causes the one or more computers to allowtransactions on the customer's account on the specified date or at thespecified time, pays the bill as a transaction on the account, thenimmediately blocks further transactions in the account (if it waspreviously blocked). The bill pay software can cause the one or morecomputers to pay every authorized bill in this manner of turning on thenturning off the account.

Alternatively, the one or more computers responsive to the instructionsincluded in the bill pay software of the online banking system or othersystem can determine if more than one bill is to be paid on a particulardate. That is, the bill pay software can determine whether plural billsare assigned to be paid on the same date. As a result, the one or morecomputers may operate so all assigned bills can be paid while theaccount's “open” window is available. That is, the account is turned“on”, then all of the bills designated to be paid on that day are paid,then the account is returned to “off” status. Thus, even though pluralbills were paid, the account was only unblocked once, and only to allowtransactions for a brief length of time.

As can be seen, the described ability of a customer to independently andautomatically (without a human service provider) temporarily block andunblock their own account provides enhanced protection againstfraudulent use of their account. The security system may also provide atool for law enforcement, which can use the data and server operation todetect, investigate and track unlawful attempts to use blocked customeraccotu1ts.

As previously discussed, in exemplary embodiments an account owner canturn their debit card account “on” and “off” in real time (or near realtime). Thus, even if the debit card is lost/stolen and the card's PIN iscompromised, the card would still be prevented from being used by athief to conduct a transaction if the debit card accotu1t (e.g., bankchecking account) is set to “off”.

As previously discussed, the exemplary security system arrangement canallow or deny a transaction from being processed and charged against anaccount based on the stored on/off status of the account. It should alsobe understood that the exemplary security system arrangement also allowsfor a transaction on an account to be approved or denied based on thestored on/off status of the account. That is, the security system can beused to approve a transaction on an account, regardless of when thetransaction is later processed for charging against the account and theinvolved accounts are settled. This allows security system approvedtransactions to be processed on the account regardless of the account'son/off status at the time the transaction settlement processing occurs.

In an example, a credit card charge for a purchase from a merchant mayhave been approved by the security system server 416 at 6:00 p.m. at thetime of the purchase, but not submitted for settlement processing until12:00 a.m. During the approval process, the exemplary server 416operates in accordance with programmed instructions to cause the datacorresponding to the transaction to be tagged or associated with anidentifier (e.g., digital signature/code) as being approved by thesecurity system. In some exemplary embodiments the tag can be attachedto, included in or otherwise resolved in association with thetransaction data at the time of approval. Alternatively, the server 416can link the tag data with the transaction data (e.g., date, time,and/or transaction number, etc.) and then store the tag data in one ormore data stores for later retrieval and comparison, or send thetag/data to a transaction processing computer associated with thetransaction. Alternatively, one or more computers may resolve anidentifying value or signature based on selected portions of thetransaction data, store such a value in one or more data stores, and usesuch a value to identify authorized transactions. Later, when thetransaction is submitted for settlement processing at 12:00 a.m., theserver 416 can determine (from the submitted transaction data receivedfrom the merchant, or the tag data or other value previously stored bythe server 416) whether the transaction was previously approved. If so,then the server 416 can allow the transaction to be carried out on(charged against) the account regardless of the account's current on/offstatus.

In an alternative exemplary arrangement, since the security system canbe configured to allow a transaction to be processed for settlementregardless of the account's on/off status at the time of settlementprocessing, the security system server 416 can be used only to approve atransaction. That is, the security system server 416 can be used withoutits involvement in settlement processing of the transaction. Theaccount's on/off status will only apply to whether a transaction shouldbe approved/denied at the time the transaction is requested. There is noneed to check the account's on/off status at transaction settlementprocessing time. Rather, a transaction that was approved by the server416 can be processed by an (account settling) remote computer. Deniedtransactions will be denied at the time they are attempted and will notbe later presented for settlement. As a result only transactions thatwere authorized will be included in transactions that are laterpresented for charging against the account. In alternative embodimentstransactions that have been authorized by the security system can betagged in a manner to indicate they were authorized. As previouslydiscussed such tagging may include associating certain data in or withthe transaction data that is indicative it was authorized. Such data maybe included in the transaction record or stored separately and/orremotely of transaction data.

In some arrangements the account settling computer can recognizetransactions that have been approved by the security system. Forexample, the account settling computer can recognize a tag or approvalvalue added to (or used to modify, or resolved from, or associated with)the transaction data. Thus, when the transaction is submitted forprocessing at 12:00 a.m., the account settling computer can determine(from the submitted transaction data received from the merchant, or fromstored data previously received from the server 416) whether thetransaction was previously approved. If so, then the server 416 canallow the transaction to be carried out on (charged against) the accountregardless of the account's current op/off status. Thus, the account'son/off status is not considered (not a factor) at the time of chargingthe purchase against the account. However, before allowing the purchaseto be charged against the account there can be in some embodiments adouble check, including the server 416 approving the transaction at thetime of the transaction request and the account settling computerverifying (e.g., via the approval tag) that the transaction was indeedapproved by the server 416.

An exemplary process includes operating a computer associated with afinancial entity (e.g., financial banking institution) to receive amessage from a personal device (e.g., cell phone, home computer) of acustomer having an account with the financial entity. The messageincludes a request (e.g., change in account on/off status) that allfuture transaction approvals (e.g, transaction approvals attempted afterthe blocking) based on the account be temporarily blocked (e.g.,refused, denied, or prevented from being carried out).

An exemplary process further includes automatically operating thecomputer in response to the customer request to modify associated datain a data store to change the status of the account to block transactionapprovals. The data store includes data corresponding to statusinformation on each of a plurality of accounts, where for eachrespective account, the status information indicates whether therespective account is blocked to transaction approvals. The computer isoperative to determine from the data store whether a respective accountis blocked to transaction approvals. The computer is also operative toprevent future transaction approvals from occurring on a respectiveaccount while the respective account is blocked to transactionapprovals.

Subsequent to changing the status of the account, the computer isoperative to receive data corresponding to a further message includingdata sent from the personal device of the customer. The further messageincludes data corresponding to a request that future transactionapprovals involving the account be permitted to be considered.

The example process further includes automatically operating thecomputer in response to receiving the request, to permit futuretransaction approvals on the account, to modify the data store to changethe account status to allow transactions to be conducted. The computeris operative to determine from the data in the data store whether arespective account permit<; transactions to be conducted thereon, and isalso operative to allow future transactions on a respective accountwhile that respective account permits transactions to be conductedthereon.

An account status that allows transactions to be conducted does notnecessarily mean that a transaction will be automatically approved onthe account, but rather that the account is simply available forconsideration to approve the transaction. Thus, even for an account thatpermits transactions to be conducted thereon, the transaction can stillbe denied approval (e.g., Insufficient funds, account closed due toreported stolen card, etc.).

In another exemplary method of conducting a transaction, a customercommunicates using a phone with one or more computers in an automatedservice center associated with the bank at which the customer's accountis held. The customer uses their cell phone to provide datacorresponding to the necessary ID or PIN that enables the bank computerto authorize the customer to make a status change request on their bankaccount. The customer can use the phone keys to send one or moremessages including data to request that their account be turned on. Theone or more computers in the bank service center operates to send one ormore messages that inform the customer that their requested change inaccount status has been made.

In some embodiments the verification may be an automated voice messagethat the computer causes to be returned to the customer during theircall with the service center. Alternatively, for further protectionagainst fraud, the verification may be an automated text message sent tothe phone that is listed in a data store as having the phone numberassigned to the account. Of course these approaches are exemplary.

Next the customer uses their account in making payment for atransaction, such as a purchase from a merchant. The merchant uses a POSterminal or other device to process the transaction. The customerconventionally receives confirmation from the merchant or terminal thatpayment on their account was accepted, e.g., their VISA card wasaccepted for payment. Next the customer again phones the one or morecomputers in the bank service center to request that their account beturned off.

In an alternative arrangement, the one or more computers of the bankservice center are programmed to provide the option of allowing thecustomer to hold on the phone while the transaction is being made. Thatis, the at least one computer of the service center turns the account onand then waits for a signal from the customer to turn the account backoff. This prevents the customer from having to call the service centertwice with regard to the same transaction.

In alternative embodiments the at least one computer of the servicecenter is programmed responsive to the customer's input messages to turnthe account off within a predetermined waiting time period, such as 5,10, 15, or 30 minutes after the account is turned on. This can be donevia programming in the initial set up, or via messages and data from thecustomer's mobile device, PC, or ATM input sign up data. Once thepredetermined time period expires then the service center computerautomatically acts to cause the account to be returned to its off statusas a precaution. If the transaction is taking longer than expected, thenthe customer during the set time period may ask via messages from thecustomer's mobile device (and receive) from the service center computeradditional time to carry out the transaction. Alternatively, one or morecomputers may be programmed selectively to change the account status tooff generally immediately after each authorized transaction. Of coursethese approaches are exemplary. In some embodiments the customer'soptions for communicating with the one or more computers of the bankservice center and controlling their account's on/off status may bechangeable or set as determined by the user. The predetermined waitingtime period can be set by the customer. For example, the customer cansend messages via their mobile device or PC to set the period to 5, 10,15, 30, or 60 minutes (or other length of time) that the account is onand usable for transactions. Likewise, in some embodiments a request for(a shorter) additional time (e.g., 3, 7, 10, minutes or other length oftime) may be set by the customer. Also, the customer can configure theiraccount such that when the predetermined time period expires the accountis not turned off but is kept on. Further in some embodiments, anaccount's current on/off status can be checked by the customer throughtheir phone or online through the Internet.

In some other example embodiments at least one computer which isoperative to allow transactions to be conducted or block transactionsmay be configured responsive to inputs from the customer to selectivelyblock or allow certain types of transactions. This may include, forexample, automatically authorizing prearranged bill payment or directaccount deduction types of transactions of the types previouslydiscussed. Thus responsive to messages received by a computer from acustomer's mobile device, PC, inputs at an ATM interface, or otherinputs, these selected types of transactions that would otherwise beblocked can be allowed. Alternatively in some example embodiments othertypes of transactions on the account can be permitted to be conductedbased on the nature of the transaction. For example transactions under acertain user set dollar amount may be permitted to be conducted whiletransactions over that set amount may be blocked. Similarly the computermay operate responsive to user input data to only allow transactions upto a cumulative total amount within a defined period. For exampleaccount status data stored in association with data corresponding to theaccount may permit total transactions up to $100 on the account withinany given 24 hour period, but may block any transactions in excess ofthat amount.

In other example embodiments the computer may operate in response tostored status data responsive to inputs provided by the customer toallow purchase transactions but to block cash dispensing transactions.As can be appreciated, a plurality of different transaction typecriteria, amount criteria and timing criteria may be stored in one ormore data stores and used as the basis for either allowing a transactionto be processed or blocking a transaction.

In still other embodiments the system may be operative to enable acustomer to deal with situations where the entity holding the accounthas taken steps to temporarily close the account. This might occur, forexample, when the account holding entity is a credit card company thatnotes suspicious activity related to the account. In these circumstancesthe credit card company is often monitoring the account and notes one ormore transactions that meet their criteria as possibly fraudulent. Insuch circumstances the credit card company may close the accounttemporarily preventing all transactions thereon pending verificationfrom the user that the transactions that are suspect are in factauthorized.

In some exemplary embodiments at least one computer is in operativeconnection with the data store holding account status data may operatein accordance with its programming to cause at least one notificationmessage to be sent to the customer in response to the computer resolvingor receiving a message from another system or device indicating that theuser's account should be temporarily closed. Such notification messagesmay include, for example, contacting a user via the user's mobile deviceregistered with the system. Such a notification may include a textmessage, synthesized voice message or other suitable message viaautomated or unautomated means. Alternatively or in addition, the usermay receive notification messages that their account is temporarilyclosed due to suspicious activity through the at least one computercausing messages to be sent to other system addresses associated withthe user, such as their home e-mail address, work e-mail address, homephone number and/or work phone number. The types of notifications to begiven will depend on the information provided to the system by the userand stored in one or more data stores as well as the programcapabilities of the particular system.

In some embodiments in response to receiving the notification that theuser's account has been temporarily closed by the account holdingentity, the user may contact the account holding entity to provide thenecessary information that the account holding entity requires to reopenthe account. This may include voice communication through an interactivevoice response system in operative connection with the at least onecomputer with access to the data which caused the account to betemporarily closed. Alternatively or in addition it may includecommunication with an individual in a call center who can review theinformation which resulted in the account being temporarily closed andwho can after receiving verification from the user that the charges inquestions are legitimate, can change the closed status of the account.

In still other embodiments one or more computers associated with thecomputer controlling the account status and/or the open and closedstatus of the account, may operate to cause communications to the user'smobile device indicating the nature of the suspect transactions. Thismay be done via text message, interactive voice response systemcommunicating to the user's mobile device, or other suitablemethodology. The user may respond to these communications by providinginputs which indicate whether or not the user considers the transactionsin question to be authorized and unauthorized. Responsive at least inpart to the inputs provided by the user, the at least one computer ofthe account holding entity may operate to reopen the account.Alternatively if the user indicates that the transactions were notauthorized, the card holding entity computers may operate to permanentlyclose the user's account and to cause the opening of a replacementaccou.11t. Associated with the replacement account may be the taking ofsuch necessary steps to issue to the user a replacement credit or debitcard for use in connection with conducting transactions on the newaccount.

It should be further appreciated that in some example embodiments the atleast one computer of the account holding entity may exchange furthermessages with the user to assure that the communications are receivedfrom the authorized account holder. This may include, for example,requiring that the user provide additional information likely to be onlyreadily known by the authorized user and which was previously stored ina data store of a computer accessible by the account holding entity, canbe used to verify the user's identity. Alternatively and/or in addition,processes for verifying the user's mobile device may be used. These mayinclude, for example, GPS tracking of the position of the device orother suitable verification techniques to help assure that the messagesexchanged which will result in the account being changed from the closedstatus to the reopened status are from the authorized account holder.

In still other embodiments the system may be operated to enable a userto open an account that has been temporarily blocked by the accountholder through a transaction conducted at an automated banking machinesuch as an ATM. In such circumstances in some exemplary embodiments themachine may operate in accordance with its programming to determinewhether an account associated with a card that is presented to thebanking machine is available to allow a transaction to be conductedthereon. In circumstances where the account is determined to have beentemporarily closed by the account holding entity, the server or hostcomputer may operate to cause messages to be sent which the user canrespond to, to reopen the account. This may include, for example,requiring the user to provide one or more inputs to the machine whichwould be likely only be readily known by the authorized user and whichthe at least one remote computer can verify as accurate by comparing thestored data. Alternatively or in addition, the machine may instruct theuser to utilize their mobile device to contact the computer associatedwith the account holding entity and to provide one or more verificationinputs. These verification inputs may include, for example, the PINnumber associated with the account. Such inputs may alternatively oradditionally include other data that only the authorized account holderwould readily know and which can be verified as accurate based on datastored in at least one data store that is accessible to the computerassociated with the account holding entity. Alternatively or in additionthe machine and mobile device of the user may operate to directlycommunicate via NFC; Bluetooth or other suitable methodology so that theidentity of the user's mobile device may additionally be verified asbeing in proximity to the machine. Alternatively and/or in addition GPStracking information related to the user's mobile device, the ATM and/orboth devices may be received and compared through operation of the atleast one computer to further verify the identity of the user at themachine.

In an exemplary embodiment responsive to the user providing informationthat can be verified as accurate through operation of the at least onecomputer of the account holding entity, and/or upon the analysis ofother information that is suitable to verify the identity of the userand/or their mobile device, the user's account which has beentemporarily dosed can be reopened responsive to operation of the atleast one computer. As a result the user can operate their mobile deviceto change the status associated with their account to be unblocked, ifnot already unblocked. As a result the user can then again conducttransactions on the account. Thereafter if the user wishes to againblock the account, the user may provide inputs through their mobiledevice which cause data to be received by the at least one computerassociated with the account holding entity and which causes the statusassociated with the account in the at least one data store to bereturned to a blocked condition.

As can be appreciated, such features would enable a user to be morereadily aware of circumstances which have caused the account holder toclose the user's account due to suspicious activity, and may facilitateand expedite the determination of whether fraudulent activity hasoccurred. This can minimize the exposure of both the customer and theaccount holding institution to fraud. In addition the capabilities ofsome example embodiments to enable the user to act to reopen thetemporarily closed account may facilitate user convenience by avoidingcircumstances where the user is away from their home and is relying onaccess to their accounts for purposes of paying the expenses that theyare incurring. Of course it should be understood that these processesand systems are merely exemplary and that alternative approaches andarrangements may be used.

FIG. 30 shows schematically the system of an exemplary embodiment thatutilizes a banking server 516 associated with the machines 502, 504, and506. Server 516 is alternatively referred to herein as a mobile bankingserver because it is operative to communicate with mobile wirelessdevices, such as a mobile wireless device 524. Server 516 is operativeto cause financial transactions in response to the messages sent by themobile wireless device 524. The mobile wireless device may be a cellphone, personal digital assistant, a smart phone, portable tablet, apager, or other suitable mobile wireless device. For purposes ofillustration, the cell phone will be discussed as the mobile wirelessdevice of this exemplary embodiment. However, it should be understoodthat other types of mobile wireless devices could be used as well. Itshould also be understood that the system is shown schematically forpurposes of facilitating explanation.

The system shown in FIG. 30 includes automated banking machines 502, 504and 506. The automated banking machines may in some embodiments be ATMsand in other embodiments other types of automated banking machines maybe used. The automated banking machines may be connected through one ormore networks 508 with one or more remotely located computers.Alternatively, the automated banking machines may be connected directlyto the one or more remotely located computers. In the exemplaryembodiment the remote computers include a host computer 510. The hostcomputer 510 may include one or multiple computers that are in operativecommunication with one or more data stores schematically indicated 514.The host 510 receives request messages from each of the automatedbanking machines. The host 510 also sends response messages to theautomated banking machines. The request and response messages may be inDiebold 91× format, NCR NDC format, or any other type of format suitablefor communication between the host and the automated banking machines.

The exemplary embodiment may also include a banking transaction computer521 operatively connected to the host computer 510. The bankingtransaction computer of an exemplary embodiment is associated with afinancial institution and includes at least one data store whichincludes data corresponding to user accounts. The banking transactioncomputer can also perform banking transactions such as financial accountbalance determinations or monetary transfers on the accounts in responseto messages from the host. The automated banking machines 502, 504, and506 can operatively communicate with the banking transaction computer521 regarding banking transactions. The exemplary messages sent betweenthe banking transaction computer 521 and the host computer 510 are inIS08583 fom1at. However, in other embodiments other message formats maybe used. These may include for example IFX format messages or othertypes of messages that are suitable for the computers and the financialmessages involved.

In the exemplary embodiment, the host computer 510 is in operativeconnection with a wireless communication system schematically indicated520. Similarly in this exemplary embodiment the server 516 is also inoperative connection with a wireless communication system schematicallyindicated at 522. In exemplary embodiments the wireless communicationsystem may be operative to provide connections to achieve communicationswith wireless devices such as cell phone 524 as schematically shown inFIG. 30. The wireless communication systems may be in operativeconnection with one or more wireless networks. This includes, forexample, suitable connections to telephone networks, public networkssuch as the Internet and/or wide area or local area private networks.Alternatively or in addition the wireless communication networks may beoperative to communicate wirelessly with other devices. This may includein some embodiments the capability for communication of GPS data fortracking cell phones or other wireless devices as previously discussed.Alternatively or in addition the wireless communication capability maybe usable for wireless tracking of the automated banking machines orother items. Such capabilities may include tracking capabilities likethose shown in U.S. Pat. No. 7,942,314, the disclosure of which isincorporated herein by reference in its entirety.

In the exemplary embodiment the automated banking machines may includeinput devices of the types previously discussed. This may include, forexample, a card reader which is operative to read data from user cardswhich correspond to financial accounts. Such readers may includemagnetic stripe readers, IC chip readers, wireless readers or othertypes of readers for example. The automated banking machines may alsoinclude other input devices which have a capability to provide useridentifying data. The exemplary automated banking machines may alsoinclude input devices such as keypads which are usable to receive manualinputs from users. This may include, for example, data such as personalidentification numbers (PINs). Keypads may also be used for receivingtransaction amounts or other user provided inputs. It should beunderstood for purposes of this disclosure that keypads can includetouch screens or other devices that can receive user selectable inputs.Exemplary automated banking machines may also include other inputdevices such as for example a bar code reader. Bar code readers may beusable to read for example one-dimensional or multi-dimensional barcodes for purposes of determining the data represented thereby. Ofcourse this is accomplished through operation of one or more bankingmachine computers that are included in or associated with each of theautomated banking machines. Further in some exemplary embodiments imagecapture devices such as cameras may be associated with or mounted nearor within each of the automated banking machines. The image capturedevices may operate in connection with one or more computers and systemshaving the capabilities described in U.S. Pat. No. 7,533,805 the entiredisclosure of which is incorporated herein by reference. Of course thesecapabilities are exemplary and in other embodiments other approaches maybe used.

In the exemplary embodiment the host system may operate in a manner likethat discussed in the incorporated disclosures, to receive messages froman automated banking machine and to cause financial transfers related toone or more accounts corresponding to the card data on the card that isread for purposes of carrying out the transaction at the particularmachine. Thus for example in exemplary embodiments the host 510 mayreceive one or more messages from an automated banking machine at whicha user is requesting a transaction. These host messages may include datacorresponding to the card data which identifies the user and/or theirfinancial accounts. The host messages may include data corresponding toa PIN number, data corresponding to a biometric identifier of the useror other identifier presented by the user at the banking machine. Theone or more messages sent to the host from the banking machine maygenerally also include information regarding the type of transaction theuser wishes to conduct. This may include, for example, a request forcash withdrawal from the automated banking machine. The one or moremessages sent to the host may also include data corresponding to anamount associated with the transaction that the user wishes to conduct.This may include, for example, in a cash withdrawal transaction, arequest for $200 to be dispensed from the banking machine and with acorresponding debit assessed to a user's checking account.

In exemplary embodiments the host may operate in accordance with itsprogramming based on data stored in the one or more data stores, todetermine that the card data corresponds to an authorized account thatis authorized to carry out the requested transaction. The host computermay also operate in accordance with its programming to determine thatthe PIN number data or other data input by the user and associated withthe message corresponds to that which is appropriate for the particularuser or account. This is done based on the host computer operating todetermine that the data included in the message requesting thetransaction corresponds to data in the one or more data stores 514. Ofcourse these approaches are exemplary.

The host computer may also determine that the requested automatedbanking machine transaction is authorized for the particular accountand/or user, and operates to cause one or more messages to be sent fromthe host to the particular automated banking machine. This may include,for example, messages including data which indicates that thetransaction is authorized. In response to receiving one or more messagesfrom the host, the automated banking machine operates to carry out thetransaction. In this example this would include operating a cashdispenser to cause cash stored in the machine in the requested amount of$200 to be dispensed from the machine to a user. Of course in asituation where the host computer determines that the transaction is notauthorized, then the messages sent to the auto mated banking machinewill indicate that the transaction is not to be conducted. In this casethe automated banking machine may operate to display an appropriatemessage to the user and will operate to cancel the transaction. In someembodiments and based on the messages from the host to the automatedbanking machine, the user card may be returned to the user. In caseswhere the card is reported stolen or otherwise the programming of thehost indicates the card is being improperly used, the messages to theautomated banking machine may operate to cause the banking machine tocapture the card. Of course these approaches are exemplary.

Further in exemplary embodiments the automated banking machine mayoperate once it has carried out successfully the authorized transaction,to generate one or more messages to the host to indicate the successfulcompletion of the transaction. This may be done through operation of theone or more banking machine computers included in or associated with themachine which operate in accordance with their programming to cause suchmessages to be sent to the host. The host may operate in accordance withits programming in response to the data included in such messages tocause the financial transfer from the user's account corresponding tothe value of the cash dispensed. Alternatively if the automated bankingmachine was not able to carry out the transaction (for example the cashcould not be dispensed), the at least one computer of the automatedbanking machine operates to cause one or more messages to be sent to thehost with data indicating that the authorized transaction could not becarried out. The host operates in response to the one or more messagesfrom the automated banking machine to record that the transaction couldnot be completed. The host also operates in such circumstances inaccordance with its programming not to charge the user's account for thevalue of the requested transaction, even though the transaction wasapproved. The host may further operate in accordance with itsprogramming to cause a notification to be given in appropriatecircumstances of a problem or other condition at the banking machinewill need to be remedied because the transaction could not be completed.This might include for example that the transaction was unable to becompleted because the automated banking machine does not containsufficient cash. The host may operate in accordance with its programmingto give notice to appropriate entities to replenish the machine withcash. Of course these operations and steps are exemplary and in otherembodiments, other approaches may be used.

A typical banking transaction using the automated banking machine 502 isperformed as follows. First, a user swipes or otherwise causes an inputof the card data from his or her card which is read through the cardreader. The user then enters his PIN and enters the desired transactiontype and amount using the keypad, touch screen or other input devices asmentioned above. The automated banking machine 502 then sends a requestmessage regarding the banking transaction to the host 510. The host 510then either by itself or by communicating with other systems verifiesthat the user is authorized to conduct the transaction. The host 510then sends a response message to the automated banking machine 502 thatincludes data which indicates to the machine whether to perform or notperform the transaction. If the host does not have the necessary data tosend the response message to the automated banking machine 502indicating whether to perform or not perform the transaction, the host510 may in some embodiments send one or more messages corresponding tothe request through the network 508 to the banking transaction computer521 requesting the data. Upon receiving the request message from thehost 510, the banking transaction computer 521 will resolve whether thetransaction is authorized based on data stored in one or more associateddata stores and send the data concerning whether the transaction isauthorized to the host 510. The host then sends an appropriatecorresponding response to the banking machine.

For example, the automated banking machine 502 may send a requestmessage to the host 510 which indicates that the user is requesting themachine to dispense a certain amount of cash.

The host 510 then sends a request message that the user's account isrequesting to withdraw the requested amount of cash to the ban kingtransaction computer 521. The banking transaction computer 521 thendetermines whether that amount may be withdrawn from the user's accountbased on data stored in at least one data store. The banking transactioncomputer 521 sends a reply message regarding that determination to thehost 510. If the message or messages from banking transaction computer521 indicates that the amount of cash can be withdrawn from the user'saccount and the user is authorized to conduct the transaction, the host510 then sends a response message which causes the automated bankingmachine 502 to dispense the cash. Alternatively, the host 510 may send areply message telling the automated banking machine 502 to display auser denial message on its display, if the banking transaction computerhas returned a message to the host indicating that the person is notauthorized to conduct the transaction or that the requested amount ofcash cannot be withdrawn from the user's account. Then, when theautomated banking machine 502 is instructed to dispense cash, when themachine completes dispensing the cash, the machine 502 sends acompletion message to the host 510 that says that the cash has beendispensed.

The exemplary embodiment further includes a mobile banking server 516.The mobile bank server 516 is operatively connected to the bankingtransaction computer 521. The mobile banking sever is also operativelyconnected to the host and automated banking machines via network 508.The mobile banking server 516 allows a user to use his or her cell phoneto conduct banking transactions. In an exemplary embodiment the cellphone would appear to the banking transaction computer to act like anautomated banking machine to other transaction terminal computersconnected in the network. Such transactions via the cell phone in anexemplary embodiment may include an inquiry about a user's accountbalance and transferring money between a user's accounts.

The exemplary mobile banking server 516 includes at least one data storewith computer executable instructions operative to cause at least oneprocessor in the server to carry out certain steps. The data store mayinclude semiconductor memory, optical memory, magnetic memory or othersuitable computer readable memory which can be used to store and recoverdata. In the exemplary embodiment these instructions Include a parserprogram 517 for parsing messages, and an interface program 519 thatoperates to register and store the user's Information based on themessages, and to recover such information. The mobile banking server 516is also in operative connection with one or more data stores 518, whereuser and program instruction data may be stored. The mobile bankingserver 516 may be operated by the financial institution which holds userfinancial accounts, or may be operated by a third party. The mobilebanking server 516 may include data associated with a plurality ofaccounts. The accounts may be associated with a single financialinstitution or a plurality of different financial institutions whosecustomers may use the system. For example, the mobile banking server 516may be operatively associated with a bank of a first user and alsooperatively associated with a credit union which holds a financialaccount of a second user. Of course these account relationships areexemplary and in some embodiments the mobile banking server could havedata for various types of accounts with one or several entities.

The mobile banking server 516 communicates with the banking transactioncomputer 521 to exchange messages operative to cause a bankingtransaction on a user's account. In response to the receipt of messagesfrom the mobile banking server 516, the banking transaction computer 521communicates with the mobile banking server 516 to send messages relatedto the banking transaction involving the user's account. The messagesexchanged between the mobile banking server 516 and the bankingtransaction computer 521 may be in IS08583 format or other suitableformat that can be used by the banking transaction computer.

In the exemplary embodiment the mobile banking server 516 may havecapabilities like those described in U.S. Pat. No. 7,516,087 or U.S.Pat. No. 7,946,480 the disclosures of which are incorporated herein byreference in their entirety. This includes for example including data inthe one or more data stores 518 which corresponds to user data andmessages or other actions to be presented and/or taken when a particularuser is determined to be requesting a transaction at a particularautomated banking machine. This can include for example presentingcertain specific determined messages to the particular user based onstored information and/or criteria associated with that particular user.It may also include certain features to improve security. Of course,these approaches are exemplary.

In this particular exemplary embodiment the one or more server datastores 518 include data corresponding to one or more predeterminednotification network addresses. This network address data may correspondto one or more ways of communicating with the particular user or accountholder. In exemplary embodiments these ways of communicating maycorrespond to a network address for communication with a user's wirelessdevice. This data may include, for example, a network address data forcalling the particular user's cell phone, such as a cell phone number.Alternatively or in addition, the network address data may include datafor communicating a text message to the user's particular cell phone.Alternatively or in addition, the network address data may include ane-mail address at which messages are receivable with the user's cellphone, or other data that can be used for communicating with theparticular user's cell phone or other mobile device so as to enable thecommunication to be provided to the user during or proximate to theconduct of a particular transaction. Further the exemplary embodiment ofthe one or more servers 516 includes computer executable instructionsthat are operative to cause the server to generate message contentappropriate for messages to be communicated to a user's cell phone orother mobile device related to particular transaction conditions.Alternatively or in addition, such message generation capabilities maybe associated with other connected computers and/or the wirelesscommunication system with which the server 516 is connected.

In the system schematically represented in FIG. 30, the system n1ayutilize the mobile banking server 516 to perform banking transactions inresponse to the messages communicated with the cell phone 524. In anexemplary arrangement, the user is first given the option by the systemto register the cell phone 524 for this service. The exemplary softwarelogic flow to accomplish this registration is schematically representedin FIG. 31.

In particular, as can be appreciated before a user approaches theautomated banking machine it may be operating in a wait mode. This mayinclude, for example, outputting particular promotional messages orother information to attract a user to the machine and/or providinginstructions to a user on how to commence a transaction with themachine. In the exemplary embodiment, the machine user may commence atransaction by causing the card reader to read data from a card whichincludes data corresponding to the user's financial account. This isrepresented schematically in FIG. 31 by a step 526 in which the machineoperates to cause a user's card to be read. This can be done for examplethrough operation of the particular type of card reader in the machine.

In accordance with the incorporated disclosure, the exemplary embodimentof the banking machine computer is operative to prompt the user to inputtheir personal identification number (PIN). This is represented in astep 528. The machine 502 then operates in accordance with the softwareinstructions associated with its computer to receive PIN data from auser. This is represented by a step 530. The user inputs their PINthrough a keypad or other input device on the machine. Of course itshould be understood that other input devices for receiving alternativeor additional identifying information may be used. This may include forexample biometric inputs, facial recognition inputs or other inputs thatare suitable for identifying the particular user or their account.

In the exemplary embodiment, the automated banking machine 502 operatesin accordance with its programming to provide a user with an outputthrough a display or other output device that includes transactionoptions that the user may select. The transaction options correspond totransaction types that the user could conduct at a machine. In thisexemplary arrangement, one of these transaction options corresponds tosetting up the user's cell phone 524 or other mobile wireless device toconduct transactions through the mobile banking server 516. To do thistransaction, the automated banking machine 502 first verifies that theuser is authorized to conduct banking transactions at step 531. Thisverification may be done in several ways.

For example, if a previous banking transaction, such as a cashwithdrawal, has already been performed by the user in the currenttransaction session, the user has already been verified to be authorizedto conduct banking transactions on the respective account. As previouslymentioned, to accomplish this verification, the automated bankingmachine 502 sends a request message in the Diebold 91× format regardingthis banking transaction to the host 510. The host 510 either by itselfor by communicating with other systems then verifies that the useraccount and PIN have the required corresponding relationship and thatthe user is authorized to conduct the banking transactions.

The computer of the automated banking machine may have associatedprogramming which includes data associated with one or more transactionsconducted by the user while at the machine during this transactionsession, and if a prior transaction has been carried out which hasverified the authority of the user to conduct transactions then the useris deemed to be properly identified and authorized for purposes ofregistering address data for their mobile device.

If a previous banking transaction has not been satisfactorily completedin this transaction session at the machine, the automated bankingmachine 502 may operate in accordance with its programming toautomatically send a request message in the 91× or other appropriateformat to the host 510 to do a balance inquiry transaction to verifythat the user's card and PIN data are associated with an authorizeduser. The host 510 then operates responsive to this message to generatean IS08583 format message or other appropriate message, and sends acorresponding message to the banking transaction computer 521 to requestthe balance inquiry. The bank transaction computer 521 then authorizesor refuses the balance inquiry transaction based on the card and PINdata, and sends a reply message regarding that determination to thehost. If that reply message corresponds to the banking transactioncomputer 521 authorizing the balance inquiry transaction, the host sendsa response message to the automated banking machine with that accountbalance data. The receipt of such a message is an indication to themachine that the account is valid, the input PIN is correct and that theuser currently operating the machine is authorized to conduct thebanking transactions on that account. Of course, these approaches areexemplary and in other embodiments other approaches to verifying theauthority of the banking machine user to register a mobile device may beused.

After the person is verified to be authorized to conduct the bankingtransactions, the automated banking machine 502 may then prompt the userto set up the user's cell phone 524 to conduct transactions with themobile banking server 516. For example, the automated banking machine502 may display a message that says “Would you like to sign up for themobile banking service?” The user then indicates by one or more inputsto the automated banking machine 502 his or her desire to set up his orher cell phone 524 to conduct mobile banking transactions. This isrepresented by a step 532.

The automated banking machine 502 then prompts the user to enter thenetwork address the user wants to register in connection with the user'saccount. This may include, for example, the user's cell phone number.The user enters his cell phone number via a key pad or other inputdevice into the automated banking machine as represented by step 534.The automated banking machine then sends a request message in 91× formator other suitable format to the host 510 as represented by step 536. Theexemplary request message contains data corresponding to the user'sphone number, account number, PIN, transaction type, and amountinvolved. In this case, the transaction type includes data correspondingto setting up of the user's mobile wireless device to conducttransactions with the mobile banking server, and the amount involved iszero. The host 510 then determines that this is a sign up message. Thehost 510 receives the 91× format or other message and generates anIS08583 format or other format message in step 538. The host 510 thensends the user's account number, the PIN, and sign up message in IS08583format or other format to the mobile server in step 540. Of course ascan be appreciated in other arrangements, other server messages and hostmessages may be used. Also such messages may be appropriately encryptedor otherwise configured to reduce the risk of interception.

In step 542, the parser software 517 parses the IS08583 message, and inthis exemplary embodiment the user's name, phone number, and accountinformation is resolved through operation of the server. The mobilebanking server 516 operates so that all or a portion of this data isstored in the data store 518 or other memory for future use. The mobilebanking server 516 then sends a message to the host 510, and the hostoperates responsive at least in part to the message to send a message tothe automated banking machine 502 that the user has set up his or hercell phone 524 to conduct transactions through the mobile banking server516. This is indicated by step 543. The automated banking machine 502then provides one or more outputs indicating to the user that this cellphone 524 can now be used to conduct mobile banking transactions. Theautomated banking machine 502 may also operate to give the user thephone number, text messaging number, short code or other contact datafor purposes of conducting banking transactions with the cell phone 524.This information may be in the form of a message displayed on thedisplay screen of the automated banking machine. Alternatively, theinformation could be sent by the machine via RF such as Bluetooth orNear Field Communication (NFC) messages to the cell phone. Alternativelydata could be provided to the phone via visual outputs to the phone.Such codes can include bar codes such as QR codes or other outputs thatcan be received via the camera or other input devices on the phone. Inalternative embodiments the machine may also provide other data to thephone. This may include identifying data, authentication data, a digitalcertificate or other information useful in identifying the mobile deviceand/or in carrying out transactions.

Alternatively, a user's mobile device may be registered and enabled toconduct transactions in other ways. This may include, for example, theuser registering the phone at a financial institution. This may includethe user being identified as authorized and having contact data for themobile banking server along with security credentials or other dataloaded in the phone via a communication interface at the institution.Alternatively, in some embodiments, a user may register the phone usingan online banking system. Of course, these approaches are exemplary ofmany that may be used.

After the cell phone 524 is registered in at least one data storeassociated with the mobile banking server, the cell phone 524 may beoperated to request the mobile banking server 516 to performtransactions as illustrated in FIG. 32. For example, the transactionsmay include balance inquires and transfers between linked accounts ofthe user. Optionally, the system could be set up so that othertransactions that do not involve the dispensing of cash that canotherwise be performed at a machine can be performed by the cell phonecommunicating with the mobile banking server 516.

To accomplish a transaction, the user enters or causes the phone tocontact the phone number, short code or other system contact data givento him by the automated banking machine 502 or other system used forregistration. The cell phone operates to connect with the mobile bankingserver 516. The mobile banking server 516 receives this number of thecell phone and/or other identifying data and/or identifying credentialssuch as a digital certificate sent by the cell phone in a step 544.Server 516 then determines that this number and/or other data isregistered and associated with the user or the user's account. This isrepresented in step 545. If the phone corresponds to a registered useror account, the mobile banking server 516 then communicates with theuser's cell phone 524 to prompt the user to enter the user's PIN. Suchcommunication may be via audio, text message or other means. The userenters his PIN into the cell phone 524 and this information is sent tothe mobile banking server 516 as represented by step 546.

The mobile banking server 516 then communicates messages with the user'scell phone 524 that cause outputs from the cell phone that ask the userwhat type of transaction that the user wishes to conduct. Such outputsmay be audio outputs, visual outputs, or both. The user then operatesthe cell phone 524 by pressing certain key inputs or providing audioinputs to select the transaction. If the transaction involves atransaction amount the user is prompted to input the amount responsiveto messages from the server. The cell phone 524 then sends a message tothe mobile banking server 516 in step 550 to perform the selectedbanking transaction. In step 552, the mobile banking server 516 receivesthe transaction request message and operates responsive thereto togenerate a corresponding IS08583 format message. The message is thensent to the banking transaction computer 521 in step 554. The IS08583message is sent to the banking server that can authorize the transactionbased on the user's account data resolved by the server 516 and includedin the message. The banking transaction computer 521 then determines ifthe transaction is permitted or denied and sends a message includingdata related to the transaction and the determination back to the mobilebanking server 516 in step 556. The server 516 then sends one or moremessages corresponding to the determination and data in the message fromthe banking server to the user's cell phone 524 in step 558.

For example, a user may inquire about his account balance in a bankaccount using his or her cell phone 524. The mobile banking server 516verifies that the user's cell phone is associated with an authorizedaccount receives a PIN input and prompts the user to input what type oftransaction that the user wishes to conduct. The user operates the cellphone 524 to select the transaction which will cause a check of theuser's account balance with the user's bank. The cell phone 524 thensends one or more transaction request messages regarding the accountbalance inquiry to the mobile banking server 516. The mobile bankingserver 516 receives the transaction request associated messages andgenerates an appropriate message or messages for such an account balanceinquiry in an IS08583 message format. The message is then routed to thebanking transaction computer 521 based on the user's account data. Thebanking transaction computer 521 operates to verify the account data,determines the balance in the user's account and then sends a messageincluding data corresponding to the user's account balance to the mobilebanking server 516. The mobile banking server 516 then sends one or moremessages including data corresponding to the user's account balance tothe user's cell phone 524. The user's account balance then, for example,may be displayed on the display screen 525 of the user's cell phone 524or output as an audio output via synthesized speech system, for example.

In the exemplary embodiment, the user when requesting a transactionoperates the keypad of the cell phone to enter his PIN, and to selectthe type of transaction and provide other inputs. Alternatively, theuser could input the PIN, type of transaction amount or other data byvoice activation or by text messaging. For example, the user may textmessage the type of transaction that he or she wants to conduct.

The exemplary embodiment of the mobile banking message server operatesto provide a cell phone user with transactions that a user couldotherwise conduct at an ATM with the exception of receiving cash.Further the mobile banking server in the exemplary embodiment may beoperative in a manner similar to an ATM host or other computer thatcommunicates with other banking computers or other financialtransactions.

It should be understood that while the mobile banking server has beendiscussed in connection with carrying out balance inquiries andtransfers between linked accounts of a user, in other embodiments othertransactions may be performed. These may include the receipt of accountstatements that provides a detailed record of transactions conductedinvolving the user's account. Alternatively such transactions mayinvolve viewing cancelled checks or other documents associated with theaccount of the user. In still other embodiments messages sent to thephone may correspond to monetary value which can be stored in memory ofthe phone or elsewhere in a connected computer so as to be disbursedresponsive to operation of the phone. Checks may be deposited usingfeatures like those described in U.S. Pat. No. 7,896,235 the disclosureof which is incorporated herein by reference in its entirety. Of coursethese transactions are exemplary and other transactions involvingdetermining financial status or transferring financial value may beaccomplished utilizing the principles described herein.

Alternatively, in other exemplary embodiments, the system may be set upsuch that the user's account and PIN number data may be associated withother identifying data that can be input through the phone or othermobile device. For example, at the time of registration, whether at themachine, financial institution, home banking interface or othermethodology, the user can be prompted to select an alternative datainput which can be linked in a data store with a user's PIN number. Theselected data may include a password, phrase or other suitable inputthat can be provided to a mobile device. The data linking the substituteand the actual PIN number may be stored in a data store associated withthe mobile banking server or other connected suitable data store. Thus,for example, when a user conducts a transaction with their mobiledevice, the user may be prompted to input their authorization datathrough the phone. The mobile banking server may then operate inaccordance with its programming to receive this authorization data anddetermine if it corresponds to data representative of a user PINassociated with the account data. The user PIN may then be used toattempt to conduct the transaction.

In still other example embodiments, a user's cell phone could include anapplication that enables the user to establish a plurality of selectableidentifying features, which can be input through input devices on asmart phone or other device so as to identify the user. Datacorresponding to these plurality of inputs are stored in data storesassociated with one or more servers and correlated with a user's accountnumber and/or PIN number. A smart phone application for example, canprovide the user with options to set certain features as the identifyingfeatures, data corresponding to which is correlated with their accountdata. The user can be prompted through programmed instructions includedin a smart phone application or other programmed instructions, to selectcategories of images, sounds, signals and/or key inputs to serve as thesuitable identifying features which are alternatively referred to hereinas authenticating factors. Options may be provided to a user under eachof the categories to select a type of input to be utilized as theidentifying information for prompting an input, For example, if a userwere to select an image feature as a user identifying input, theapplication on the phone would then prompt the user to select abiometric feature, a body art feature, or an article. In addition, theinstructions might include subcategories under each. For example,selecting a biometric feature might cause the phone to provide one ormore outputs that prompt the user to select their face, an eye, ear,finger or other body part as the item, the image of which is to serve asan authenticating factor. Based on the selection by the user, the useris then prompted to utilize the camera on the smart phone to capture animage of that particular feature. In response to capturing such animage, the smart phone may in some embodiments operate to cause datacorresponding to that image to be stored in one or more data stores inthe phone.

Alternatively, in other embodiments the software instructions includedin the smart phone may operate to store data aspects or digests (such asa hash, digital fingerprint or other data) corresponding to the image,which are useable to verify the authenticity of a future such image ofthe user's selected feature. Alternatively, if the user were to providean input selection corresponding to body art, the user is prompted toselect an image of a piercing or tattoo which they may have. The usermay then make a selection and use the camera on the phone to capture animage of that selected item. An image or a digest thereof will bestored. Likewise, a user who has selected to capture an image of anarticle may be prompted to select an article such as a driver's license,identification card, item of jewelry, or other article that they expectto always have with them when authenticating themselves to the machine.Again, the user would be prompted to capture an image of the particulararticle and data corresponding thereto stored in the data store.

Alternatively, if the user were to select items in a sound category, thesoftware instructions included on the smart phone may prompt a user toselect items such as voice recognition, a pass phrase, or other sound.If the user selected voice recognition, they would be prompted to speaktheir name or some other phrase from which voice characteristics can berecognized. Data corresponding to the audio signals would then be storedthrough operation of at least one processor in the smart phone in asuitable data store. Alternatively, the user may select a pass phrase.This may be a phrase that is known only to the user. The pass phrasespoken by the use, in exemplary embodiments, may not be converted to asuitable format, such as via speech to text and data correspondingthereto stored in a at least one data store through operation ofsoftware included in the smart phone. Alternatively, the user may selectother identifying sounds. This might include for example, unusual itemssuch as a bird call or other sound the user is capable of making and theuser feels will distinguish them from other persons. Data correspondingto the audible signals associated with the sound may be stored in one ormore data stores.

In some example embodiments, the executable instructions in the smartphone may prompt the user to select a particular signal type as anidentifying factor. This might include for example, signals that a usercan retrieve from an article that the user is likely to have presentwhen authenticating themselves for purposes of a transaction. Suchsignals might include for example, wireless signals that are generatedby credit or debit cards or identification cards. These can include forexample, RFID signals or NFC signals that are generated by the card.Alternatively, such signals may include signals that can be generatedfrom an article such as a token with access to particular facilities orfeatures. Alternatively or in addition, selectable signal types mayinclude internal signals that are capable of being generated by a user'ssmart phone or other device. This might include for example, datacorresponding to one or more values that can be resolved based on adigital certificate or other item that is resident in the phone and thatcan be used to generate a generally unique authenticating value. Ofcourse, other types of signals may be selected via user input to thesmart phone.

Finally, in connection with some example embodiments, the user may alsoprovide one or more inputs to select key type inputs as authenticatingfactors. This may include alpha-numerical values or values correspondingto other symbols that can be selected through a key pad or via icons ona touch screen. The user can choose to input one or several differentvalues that can be keyed in and used as one or more identifying factorsfor purposes of the application. Data corresponding to such selectedvalues is stored in at least one data store.

In some exemplary embodiments, the user may also establish throughoperation of the application on the smart phone, a series of promptsthat will guide them through inputting the authenticating factors thatwill then correspond to what they have selected. This might includeallowing the user to establish a series of output prompts that willguide the user through the series authenticating factors they haveselected. These prompts may include reminders or questions that remindthe user of each of the factors and the sequence of factors that arerequired to be input through the smart phone in order to provide all theauthenticating factors. For example, if the user has selected an imageof body art as an authenticating factor, the user may input and storethe phrase “my favorite tattoo” as a prompt to remind them that that isone of their factors. Likewise, if they have chosen an image of aparticular credit card as an authenticating factor, they may input andstore a prompt such as “my oldest credit card”. Likewise, if the userhas selected a numerical prompt that corresponds to a home address, theuser might input and store a prompt such as “the street address ofgrandma's house”. Of course, these are merely examples and the usercould include a prompt for each authentication factor they have chosento use.

In some example embodiments, while selecting factors during set up theuser may be required to input a prompt and provide an input to cause itto be stored each time they select a given authentication factor. Inthis way, the user will not forget the authentication factors, orconfuse the order in which they are required to be later input. Theapplication may also require that the user have at least a minimumnumber of identifying factors (for example, three). The applicationcould also limit the number to, for example, no more that a given number(for example, six). Of course, the approach is exemplary and in otherembodiments other approaches may be used.

Responsive to operation of the executable instructions operating in thesmart phone or similar device, a processor in the phone may operate tostore data corresponding to the selected authentication factors, and anyassociated prompts in memory in the device.

In the exemplary embodiment, when the user chooses to implement thesefeatures when they operate the automated banking machine using theirtraditional card and PIN, the automated banking machine can offer theuser a selection which corresponds to the opportunity to conduct futuretransactions using their smart phone or other wireless device aspreviously discussed. If the user provides an input selecting thisoption and their card and PIN data has been authenticated as valid, themachine may operate in accordance with its programming to communicatewith the smart phone to collect the stored data corresponding to such ofthe different authenticating factors the user has selected. Theautomated banking machine may then operate in accordance with itsprogramming to cause data corresponding to the authenticating data to bestored in at least one data store in the remote mobile banking server orother suitable computer. Once stored on the remote server, someembodiments may operate to cause the data corresponding to theauthenticating factors, other than the prompts to be erased from thememory of the smart phone. The mobile banking server may then operate inaccordance with its programming to correlate this data, or results,digests or other data resolved using the authenticating factors, withthe user's account and/or PIN numbers.

The correlation of the data that corresponds to these authenticatingfactors and the user's traditional transaction data, then enables theuser to carry out transactions through communications via their smartphone with the banking system by first inputting or otherwise providingthese authenticating factors to the smart phone. The smart phone canthen transmit the currently input data corresponding to the selectedauthenticating factors to the mobile banking server. The current datareceived can then be compared with the stored data, and if the inputfactors correspond or otherwise have a predetermined relationship withwhat is stored in the at least one data store, the user is then enabledto carry transactions via their mobile device with the banking system ina manner like that previously discussed. Of course, it should beunderstood that these approaches are exemplary and in other embodimentsother approaches may be used.

Further, in some exemplary embodiments, the user may be provided withthe capability to periodically change the authenticating factorscorresponding to their card and/or PIN number. This may be done, forexample, when a user conducts a transaction at an automated bankingmachine. The machine may include in a manner similar to the mobiledevice registration option, another option which enables the user tomodify their authorization data. Thus the user, once proven to be anauthorized user to the machine through input of their card and PIN data,may cause the authorization data stored in connection with the mobilebanking server or other server to be changed to new authorization datathat corresponds to new authenticating factors such as a phrase, passcode and other suitable factors. Thus if the user were concerned thattheir authenticating factor data has been intercepted, or if the user isconcerned because they have lost their phone, the user may provideinputs through the machine interface to change the authenticatingfactors.

Alternatively or in addition, the user interface of the machine mayoperate to enable users to provide inputs that immediately discontinuethe ability of the mobile device to operate to conduct transactions.This may be provided through the machine being configured to provideoutputs as part of the user interface that enables the user who has beenproperly authenticated via card and PIN data, to discontinue thecapability to conduct transactions via their mobile phone.

Other example arrangement may enable a smart phone or other mobiledevice that has been set up for wireless operation with a transactionnetwork, to further conduct cash dispensing transactions or othertransactions that require the exchange of tangible items with anautomated banking machine. This may be done for example, by enabling thesmart phone to communicate data which indicates that the smart phone isadjacent to an automated banking machine and is in a position to conducta transaction therewith. This might be done in some embodiments usingthe principles discussed in U.S. Pat. No. 8,240,556, the disclosure ofwhich is incorporated herein by reference in its entirety.Alternatively, in some example embodiments, an automated banking machinemay operate to provide a user with options to utilize the authorizationdata associated with their mobile device to identify themselves to thebanking system and receive cash or other items of value from theautomated banking machine.

For example, FIG. 33 shows an example of an output screen from anautomated banking machine that includes the capability of the operatorof a mobile device to receive cash. Screen 570 is output through thedisplay of an automated banking machine that may dispense cash to usersbased on input of card data and appropriate corresponding PIN data.Screen 570 however, also presents a selection that enables the user toconduct a transaction without inputting a card, but rather by selectinga cardless transaction. This may be done for example, by selecting aparticular area as indicated on a touch screen, or providing an inputthrough a key or other input device. In order to utilize this option inthe exemplary embodiment, the user would need to have a mobile wirelessdevice such as device 572, which is a smart phone. The smart phone wouldinclude a corresponding application of the type previously discussed forenabling the user to conduct transactions with the banking network.

Responsive to the receipt of input selecting a cardless transaction, thebanking machine may operate in accordance with its programming to outputvisible indicia, which enables the input of authentication data to thebanking system from the mobile wireless device. As shown in FIG. 34, theindicia in this example embodiment includes indicia in the form of a twodimensional bar code. This is represented in a screen 574. Thetwo-dimensional bar code may include various types of data. For example,it may correspond to a particular transaction identifier that is to beassociated with this particular user transaction. Alternatively or inaddition, the indicia may correspond to the particular automated bankingmachine at which the transaction is to be conducted. The output indiciamay also include security values or other values that are useful incarrying out the transaction. In some example embodiments, the indiciamay be generated responsive to operation of one or more computers of theautomated banking machine. Alternatively, the automated banking machinemay receive all or a portion of the data represented by the indicia froma remote server, such as the host or banking transaction computer.

In the example embodiment, responsive to screen 574, the user mayoperate a smart phone 572 and the application thereon to capture animage of the indicia output through the screen. This is represented byFIG. 35. The application in the user's smart phone may then operate toresolve and utilize data corresponding to the indicia for purposes ofcarrying out a user transaction.

In some example embodiments, the receipt of the indicia may cause thesmart phone application to request authorization data. This may be donefor example, by the smart phone application instructing the user toinput the authenticating factors at the time of the transaction.Alternatively, in some embodiments the application operating on thesmart phone may enable the user to input and store the authenticatingfactor data on the phone for a set period of time, so that the user canthen utilize this data immediately during the transaction. Theauthenticating factor data and data corresponding to at least a portionof data represented by the bar code, may then be sent through operationof the phone to the mobile banking server. In some embodiments, this maybe accomplished by the phone sending such information directly.Alternatively in other embodiments, the automated banking machine mayreceive this data from the phone via wireless communication such as viaBluetooth or an NFC communication. In either case, communication of suchdata to the server that can correlate the authenticating factor datawith the user's account and/or PIN number data and/or other data neededto authorize a transaction, enables the user's request for thetransaction to be processed by the banking transaction computer or othercomputer that can authorize the transaction.

In some embodiments, it should be understood that the user can inputtheir request for the particular amount of cash or other financialtransaction desired via the smart phone user interface. This might bedone for example, where the smart phone communicates directly with theremote server to deliver the authentication factor data. Alternativelyin other example embodiments, the user may provide inputs through theuser interface of the automated banking machine to indicate theparticular type of desired transaction. For example, a cash withdrawaland the amount they wish to receive. This might be done for example, incases where the authenticating factor data is sent through the automatedbanking machine. Of course, it should be understood that theseapproaches are exemplary and in other embodiments the user may providethe data through the smart phone interface, even when the data is goingto be sent via the automated banking machine. Likewise in someembodiments, some data may be input through the automated bankingmachine in situations where the authentication factor data is sentdirectly from the cell phone to the remote server.

Further in some alternative embodiments, the user may provideauthenticating factor data through the phone and other authorizationdata through the user interface of the automated banking machine. Forexample in some embodiments, the authorization data that the user hasset up may be received from the phone, while the user may still berequired to input a PIN through input devices on the automated bankingmachine. Alternatively, other inputs such as biometric input or otherinput can be required of the user directly through the automated bankingmachine user interface. This might be done for example, where theoperator of the machine desires additional identifying data to verifythat the dispense of cash from the machine has been properly authorized.Of course, these approaches are examples.

In the exemplary embodiment the authorization data corresponding to theauthenticating factors associated with the user is received at thecomputer that can correlate such data with user transaction information.Such data is used by the system to compare such data to stored data andresolve data corresponding thereto, such as the user's account numberdata and/or the user's PIN data. In some exemplary systems the dataresolved based on the authorization data may be an encrypted form of theuser's card and/or PIN data. Such account and PIN data is then includedin one or more messages along with data corresponding to the amount ofthe cash dispense or other transaction type and amount requested by theuser, in one or more messages to the banking transaction computer. Thecomputer then determines if the transaction requested is authorizedbased on the account and PIN data, and if so generates one or moremessages responsive to the transaction being authorized. One or moremessages are then utilized to cause the automated banking machine atwhich the user is present to complete the transaction, such as bydispensing a requested amount of cash.

This may be done in several ways, depending on the particular system.For example, in some embodiments in which the indicia output on thescreen identifies the machine, authorization of the transaction maycause one or more messages to be routed to that particular machine,which causes the machine to dispense the requested amount of cash. Theuser can then take the cash to complete the transaction and the user'saccount will be charged. In alternative embodiments features may beincluded to assure that the user is still present at the machine wherethe cash dispense is made. This may be done in a manner similar to thatpreviously discussed to assure that the transactions are authorized.These approaches may include for example, the message to indicate thatthe transaction is authorized being received by one or more computers,which then causes different indicia to be output from the machine. Thisindicia may also be in the form of a two-dimensional bar code.Alternatively, such indicia may correspond to signals such as wirelesssignals that can be received through operation of a smart phone.

The smart phone may then be used to image this indicia or otherwiseprocess this data. The smart phone may operate to cause this data ordata that is a function thereof to be transmitted to the mobile bankingserver or other remote computer. In response to receiving the datacorresponding to the indicia that was output from the machine, themachine may then receive signals from the remote server that cause it tooperate to dispense the requested cash. In this way, it is assured thatthat the user who requested the transaction is still present at themachine as the transaction is completed.

Alternatively in other embodiments, the messages identifyingauthorization of the transaction by the banking computer may be receivedby one or more computers that cause one or more messages to be sent tothe user's smart phone. The data included in messages sent to the user'ssmart phone, may cause the smart phone in some example embodiments tooutput indicia from the smart phone. This may include for example,another two-dimensional bar code output through the display on the phoneor other indicia that can be read through operation of a reader such asa bar code reader or wireless port on the machine. The machine may thenoperate to read this indicia from the display of the smart phone orreceive it through the port. The phone may analyze this data or senddata corresponding thereto to the remote computer to verify that thedata that the machine has received corresponds to the data that was sentto the phone of the user that requested the transaction. Responsive tothis determination, the automated banking machine may operate todispense the cash requested in the transaction.

Alternatively in other embodiments, the one or more messages sent to thesmart phone may include data, such as data which can be output from thephone received wirelessly such as via NFC communication, by theautomated banking machine. The communications may include values thatcorrespond to data in messages that were sent to the user's phone sothat the presence of the user's phone at the machine can then beauthenticated. Responsive to such authentication, the machine may thenoperate to dispense the requested cash, or otherwise complete therequested transaction.

It should be understood in some example embodiments the determination ofwhether data received by the phone is appropriate for allowing thetransaction to proceed may occur at computers located remotely from theautomated banking machine. Alternatively, such determinations may bemade at a computer located at or in the proximity to the automatedbanking machine, which includes software instructions suitable forauthenticating the particular data that is received as genuine. Ofcourse, it should be understood that these approaches are exemplary andin other embodiments other approaches may be used.

It should be understood that while the exemplary transactions have beendiscussed in connection with dispensing cash, other types oftransactions may also be conducted through use of a smart phone or othermobile wireless device application that can be operated in connectionwith an automated banking machine. Such transactions might include auser receiving paper or electronic checks through operation of theautomated banking machine. Alternatively or in addition, suchtransactions may include the receipt of items such as phone cards,tickets or other tangible items that can be paid for and dispensethrough operation of the banking machine. Alternatively or in addition,transactions in which the automated banking machine receives cash andcredits a user's account can be conducted in a manner using cardlesstransactions carried out through use of the authorization data which isreceived through the mobile wireless device such as the smart phone.

It should further be understood that although the transactions that havebeen described may involve the exchange of tangible items with anautomated banking machine, transactions may also be carried out that mayinvolve the use of intangible items. These may include for example,transactions which operate to cause the smart phone to receive datacorresponding to credit value stored in a digital wallet associatedtherewith through communication of messages with the automated bankingmachine. This might be done for example in a transaction in which theuser supplies cash to the machine and receives the credit to theirdigital wallet. It may also involve a transfer of value from the user'saccount to their digital wallet on the phone or stored in a cloudsystem. Alternatively, the user may operate to carry out transactionsthat provide other data which can be used for things of value, such asadditional phone service, electronic access tokens, or providing accessto certain facilities, events or other things.

Thus in some example embodiments, the user may be able to use theirportable wireless device to carry out transactions which do not involveexchanges of tangible items or other items from an automated bankingmachine in remote locations, wherever the user happens to be. Further,the user may operate their mobile wireless device in a similar manneradjacent to an automated banking machine to receive cash or other itemsfrom the machine without the use of a banking card or other data, asmight otherwise be required for operation of the machine.

FIG. 36 shows an alternative embodiment of a transaction systemschematically indicated 576. System 576 includes a plurality ofautomated banking machines 578. Automated banking machines 578 mayinclude, for example, output devices such as a display, audio outputdevices, haptics devices or other types of devices that can output humanperceivable outputs. The exemplary automated banking machine may alsoinclude input devices. Such input devices may include function keys, akeypad, a touch screen, a card reader, a bar code scanner, a wirelessport or other devices which are capable of receiving manual inputs orother types of inputs from users or devices operated by machine users.

In the exemplary embodiment, the automated banking machines 578 areoperative to dispense cash to users. Cash is dispensed to users inresponsive at least in part to user identifying data that is input by auser corresponding to an authorized financial account. Cash is dispensedresponsive at least in part to the account data indicating the accountincludes sufficient funds in an amount being requested by a user at themachine. The machine operates to cause the user's account to be assessedfor funds dispensed. Each of the automated banking machines has at leastone computer (alternatively referred to as a processor herein)associated therewith. The automated banking machines 578 of theexemplary embodiment do not include a check imager. For purposes of thisdisclosure a check imager includes a device that is operative to scan acheck of a user, that a user wishes to deposit in the machine to depositin their account and/or redeem for cash. It should be understood,however, that the principles described herein may also be used inconjunction with automated banking machines that do accept checkimagers.

In the exemplary embodiment each of the automated banking machines 578is connected in a network 580. Network 580 of the exemplary embodimentmay be a private network, public network, virtual private network orother suitable communications medium to enable the automated bankingmachines to communicate with at least one remote computer 582. In theexemplary embodiment remote computer 582 is in operative connection withat least one data store 584. As schematically indicated, computer 582 isa host computer associated with a bank or other financial institution586. In the exemplary embodiment the automated banking machinescommunicate data corresponding to user and/or account identifying datathrough the network 580 to the host computer 582. The host computer 582is operative to analyze the data sent from the automated banking machineand compare such information to data stored in the at least one datastore 584 to determine if the data input to the machine corresponds toan authorized user and/or financial account. The host computer 582 isoperative to authorize transactions responsive at least in part to sucha determination.

In the exemplary embodiment the at least one host computer 582 is alsooperative to receive data corresponding to the transaction type andamount that a user at an automated banking machine wishes to conduct.For example if the user is requesting a cash withdrawal at the automatedbanking machine, the at least one host computer 582 operates to analyzedata stored in the at least one data store to determine if thetransaction is authorized and whether the account has sufficient fundsor is associated with data that corresponds to an authorization to allowthe requested transaction. Responsive to making the determination thatthe transaction is authorized, the at least one host computer 582 isoperative to send at least one message to the automated banking machinewhere the user is located to cause the machine to carry out therequested transaction. In the case of automated banking machines 578,generally the user will be provided with cash dispensed from themachine. Of course if the transaction is not authorized, the at leastone host computer is operative to send a message to the automatedbanking machine to indicate that the transaction cannot be performed.Responsive to the automated banking machine dispensing the requestedcash to the user, the exemplary machines send at least one message tothe host computer 582. The host computer operates responsive thereto tocause the user's account to be assessed an amount corresponding to thedispensed cash. Of course these approaches are exemplary and in otherembodiments other or different transaction steps may be used.

In the exemplary system 576, users of automated banking machines 578that do not include a check imager are nonetheless able to make checkdeposits into their account and/or to receive cash in exchange for suchdeposited checks. This is accomplished in the exemplary embodiment byauthorized users being able to use portable wireless devices such as asmart phone 588 in connection with the system. The exemplary portablewireless devices (which are alternatively referred to herein as mobiledevices) include a camera 590 and an output device such as a display592. Such mobile devices include at least one processor 594 and at leastone data store 596 as schematically shown.

In the exemplary embodiment the portable wireless devices 588 areenabled to capture images of checks or other instruments schematicallyindicated 598. The exemplary portable wireless device includes asoftware application resident thereon that includes computer executableinstructions that cause the device to provide outputs that guide a userthrough certain transaction steps as hereinafter described. Thosetransaction steps include imaging one or both sides of a checkassociated with a check transaction.

In the exemplary embodiment the mobile devices are enabled tocommunicate wirelessly in one or more wireless networks schematicallyindicated 600. The mobile devices communicate check data that includesdata corresponding to an image of at least one side of the check and/orother check or user related data, to at least one remote computer 602.At least one remote computer 602 is in operative connection with atleast one data store 604. In the exemplary embodiment the computer 602is operated by a service provider. The computer is operative to receivecheck data including check images and other data, including check imagesand other data from the mobile device, and to provide messages to themobile device sending the check data, that corresponds to the check datathat has been delivered to the remote computer 602. This data inexemplary embodiments may correspond to the particular check transactionbeing carried out by the user. The exemplary mobile device operatesresponsive at least in part to the data sent by the computer 602responsive to receiving the check data, to provide at least one output.As hereinafter explained, the at least one output from the mobile devicecan be provided as an input to at least one input device of an automatedbanking machine 578 in order to accomplish a check related transactionat the machine even though the machine does not include a check imager.Although in the exemplary embodiment the at least one computer 602 thatreceives the check data is indicated as operated by a service providerentity, it should be understood that in some embodiments the at leastone computer may be operated by the financial institution owning theautomated banking machines or other financial processing entity.

In the exemplary embodiment the at least one computer 602 is inoperative communication with at least one computer 606. At least onecomputer 606 of the exemplary embodiment is operative to perform checkitem processing. At least one computer 606 is in operative communicationwith at least one data store schematically indicated 608. It should beunderstood that although the at least one computer which performs itemprocessing is shown as separate from at least one computer 602 and theat least one host computer 582, in some embodiments the functions of oneor more of these computers may be combined. Further it should beunderstood that in some arrangements such computers may be operated bythe bank or other financial institution which operates the automatedbanking machines or by a different banking or service provider entity.It should be understood that such computers are shown separately forpurposes of this schematic description in order to facilitateunderstanding of the functions performed by each.

In the exemplary embodiment the item processing computer 606 isoperative to receive the check data including image data from the atleast one computer 602. In the exemplary embodiment the at least onecomputer 606 is operative to resolve data from the check image. Thisincludes data included in the MICR (Magnetic Ink Character Recognition)line on the check as well as the amount for which the check is written.This can be accomplished using character recognition software which isapplied to the check image data so as to resolve these values and data.The at least one computer 606 may also perform other functions such asassuring that the check has been signed by the maker who has written thecheck and/or is endorsed by the recipient of the check. Further in someexemplary embodiments the at least one computer 606 may operate toanalyze the check data to determine instances of probable check fraud.This may include analyzing images for purposes of determining if a checkmay be a photocopy or is otherwise fraudulent. Alternatively in someembodiments it may include analyzing the maker signature and/orendorsement signature as either a genuine signature of the indicatedindividual or for properties which indicate that it is not a photocopyor facsimile signature. In addition, other tests may be carried out bythe computer in some embodiments associated with resolving check dataand/or verifying the genuineness of the check. Of course theseapproaches are exemplary and in other embodiments other approaches maybe used.

In the exemplary embodiment the at least one item processing computer606 is in operative connection with the at least one computer 582 whichis associated with the bank or other financial institution which, in theexemplary embodiment, is operative to communicate with the automatedbanking machines 578. As later described in more detail, the at leastone computer 602 is operative to provide data to the mobile deviceresponsive to receipt of the check data that uniquely identifies thecheck data that the user has sent. This received data is operative tocause the exemplary mobile device 588 to provide at least one outputwhich is communicated as a check related input to the automated bankingmachine at which the user is conducting a transaction. In the exemplaryembodiment this check related input uniquely identifies the particularcheck transaction. In the exemplary arrangement this check related inputthat is received by the machine is communicated to the at least one hostcomputer 582. This check related input that uniquely identifies thecheck is communicated to the at least one computer 606. Such data mayalso be accompanied by other data such as data that identifies thefinancial institution 586 as the bank of first deposit for the check.Such data may also include other transaction identifying data such as atransaction number, deposit account data or other information that canbe used to identify the particular transaction in which the check wasinvolved.

In the exemplary embodiment the at least one item processing computer606 is configured to process check data so as to present the check datafor payment. In some exemplary embodiments the at least one bank whichoperates the automated banking machines may also send images and dataassociated with checks it receives to the at least one computer 606 forprocessing. As later explained in greater detail, the at least onecomputer 606 operates to enable checks that are written on accounts heldby the bank 586 to be charged against those particular accounts on whichthe checks are drawn and the associated amounts credited to accountsinto which the checks are deposited. In addition in cases where checksthat are deposited in accounts held by the bank 586 are drawn on otherbanks, the at least one computer 606 of the exemplary embodiment isenabled to send images and data corresponding to those checks forpayment to the banks on which the checks were written. This may be donein the exemplary embodiment by communicating the check related data andcheck images through one or more networks 610 to the Federal Reservesystem schematically indicated 612. The Federal Reserve system of theexemplary embodiment operates to forward the checks to the banks onwhich the respective checks were drawn schematically indicated 614. Thisis done through one or more networks 616. In the exemplary embodimentthe Federal Reserve also operates to settle accounts between financialinstitutions related to amounts owed by various maker banks to banks offirst deposit which hold the accounts into which the checks have beendeposited by their customers.

In the exemplary embodiment the Federal Reserve bank also operates tohandle the returns for any checks that are presented electronically forpayment to a maker bank, and for which check payment is refused. Thismay include, for example, checks that are dishonored due to insufficientfunds in the account on which the check is drawn. It may also includechecks that have a stop payment order applied, or checks drawn onaccounts that have been closed, or checks that are identified as havingmissing or forged maker signatures. Of course these reasons for refusingpayment on a check are merely exemplary. The data associated withdishonored checks are sent through the Federal Reserve electronically tothe at least one computer 606 so that the account of the person who hasdeposited the check in the bank of: first deposit is not provided withcredit for the amount of the check. In addition it should be understoodthat in other embodiments, entities other than or in addition to theFederal Reserve may perform these functions. This may include, forexample, a private clearinghouse which performs these functions for aplurality of member banks. Further in some exemplary embodiments, someimages and data for checks may be sent directly to maker banks forpresentment under agreements that exist between banks or groups ofbanks. Further some systems may send some images and data checksdirectly to maker banks, for some checks through private clearinghousesand for some other checks through the Federal Reserve. Numerousdifferent arrangements for the presentment, payment and return of checksmay be utilized in various embodiments.

The exemplary system 576 is particularly adapted for use in connectionwith automated banking machines that do not include a check imager, butwhich nonetheless enable the financial institution or other entityoperating the automated banking machine to receive check based deposits.In the exemplary embodiment, the mobile devices of customers includeprogramming that carries out the logic flow schematically indicated inFIG. 38. In the exemplary embodiment the portable wireless deviceincludes programming included in an application which provides theability to deposit checks into automated banking machines that do notinclude a check imager. Of course this approach is exemplary and otherapproaches may be used. As represented in FIG. 38, the user of theportable wireless device provides one or more inputs through the touchscreen display 592 or other input device such as a keypad of the deviceto select the automated banking machine check deposit application. Thisis represented by a step 618. In the exemplary application, theapplication prompts the user to input identifying data thatauthenticates the user as authorized to operate the application. This isrepresented in a step 620.

Responsive to proper user identification inputs, the application causesan output through the display of the portable wireless device whichpresents the user with account selections. The account selections maycorrespond to numerous accounts that the user has, into which the checkmay be deposited. This is represented in a step 622. In addition theoutputs from the phone may include the ability to conduct a checkdeposit transaction directly to the user's account separate and apartfrom an automated banking machine such as is described in the patentsincorporated herein by reference. In the exemplary embodiment, thetransaction selections include an automated banking machine checkrelated transaction. Such a check transaction might be desired by auser, for example, in cases where the user wishes to receive cash for acheck immediately at an automated banking machine rather than depositingtheir check in the account separate from an automated banking machineand then withdrawing cash at a later time when the user is adjacent to amachine. Of course these approaches are exemplary and numerous differenttransaction options may be provided.

As represented schematically in FIG. 38, the user may select anautomated banking machine check transaction through one or more inputsthrough an input device on the portable wireless device. This isrepresented in a step 624. Responsive to this selection, the exemplaryapplication is operative to provide outputs through the display of theportable wireless device that prompts the user to capture images fromone and/or both sides of the check. The outputs may further instruct auser to carry out other steps or to provide other inputs as well. Thisis represented in a step 626.

The portable wireless device operates to capture the images of one orboth sides of the check through operation of the camera 590. Thecapturing of the check image data is represented by step 628. In theexemplary embodiment, the application then operates to cause the checkdata which includes the one or more check images and/or other data whichis associated with the check images, such as for example account data,check amount or other items, to be transmitted through the wirelessnetwork 600 to the at least one computer 602. This is represented inFIG. 38 by step 630. In response at least in part to the receipt of thecheck data, the at least one computer 602 is operative to send to theportable wireless device at least one message which includes datarelated to the check related transaction in which the check is submittedto the at least one server. These received messages include data whichcorrespond to at least one check related input which will be provided bythe user to the automated banking machine in a manner hereinafterdiscussed. For purposes of this disclosure, the data that is received bythe portable wireless device from the at least one computer 602 isdescribed as a code or code data. However, it should be understood thatsuch code data may include any manner of data which is usable toidentify the particular check, the images for which are uploaded fromthe mobile wireless device to the at least one computer 602 inconnection with the check related transaction. This is representedschematically in FIG. 38 by step 632.

In the exemplary embodiment the at least one computer 602 is alsooperative to send to the portable wireless device, data whichcorresponds to a receipt for the check related transaction. The receiptof this additional data can be used by the user to establish or provethat they transmitted the particular check to the at least one computer602, is represented by a step 634.

In the exemplary embodiment the portable wireless device is operative tostore in the at least one data store of the device, the datacorresponding to the code data, which is used to provide at least oneoutput from the portable wireless device that is received as at leastone input to the automated banking machine. In exemplary embodiments thestorage of this data may be maintained by the portable wireless devicefor an extended period of time until the user is ready to conduct therelated transaction at the automated banking machine. Thus, theapplication may enable the user to close the application at this stageand perform other activities through their portable wireless deviceuntil they are ready to complete the transaction at the automatedbanking machine. The application may be structured for example, toenable the user to restart the application and recover this data so asto recover the data from the at least one data store that corresponds tothe particular check that has been sent to the at least one computer602. Of course it should be understood that this approach is exemplaryand in other embodiments, the application may be structured so that theuser scans the check with the phone while at the automated ban kingmachine, and there is no significant delay between when the datareceived from the at least one computer 602 is stored in the portablewireless device and when the user outputs such data for purposes ofproviding at least one check related input to the automated bankingmachine. Variations on these approaches will be apparent to thoseskilled in the art from the teachings herein.

In the exemplary application, the user either in proximity to when thedata is received from the at least one computer 602, or at sometimethereafter, provides at least one input to an input device of the mobiledevice which comprises an instruction to the portable wireless device toprovide at least one output based on the received data. This isrepresented in a step 638. Responsive to receiving the instruction toprovide the output in step 638, the portable wireless device is thenoperative to provide at least one output as represented in step 640.This at least one output corresponds to at least one check related inputthat is provided to at least one input device on the automated bankingmachine. For example, in some exemplary embodiments, the output mayinclude a numeric or alphanumeric code that can be visually perceived bya user and then input through a keypad (either a physical keypad or atouch screen display keypad) on an automated banking machine. In otherexample embodiments, the output may include data that produces atwo-dimensional bar code that can be received as a check related inputby a bar code reader on the automated banking machine. 1 bis isrepresented in FIG. 39 which demonstrates a bar code scanner 642associated with an automated banking machine reading output indicia inthe form of a two-dimensional bar code 644 from the display 592 of theportable wireless device. In still other exemplary embodiments theoutput data may be provided via wireless signals such as RF signals thatare received through a wireless port of the automated banking machine.Of course other approaches may be used to provide outputs from theportable wireless device that constitute at least one check relatedinput that is received through operation of at least one input device onthe automated banking machine.

In the exemplary application the portable wireless device receives atleast one confirmation input that indicates that the at least one outputhas been delivered as at least one check related input to the automatedbanking machine. This is represented by a step 646. As can beappreciated, the confirmation input may depend on the particular type ofoutput from the portable wireless device that is received as a checkrelated input. For example in cases where the output is an alphanumericcode which is manually input by a user to the automated banking machine,the confirmation input may include a manual input to the portablewireless device. Alternatively, in cases where the output is deliveredeither through a bar code scanner or through a wireless port, theportable wireless device may receive a confirmation input via wirelesscommunication from the automated banking machine. Such confirmationinput may include RF or IR inputs which indicate that the output hasbeen received and has been resolved through operation of at least onecomputer of the machine. Of course these approaches are exemplary and inother embodiments other approaches may be used.

Once the at least one output from the portable wireless device has beenreceived by the automated banking machine as at least one check relatedinput, the user may then close the application on the mobile device.This is represented by a step 648. Of course it should be understoodthat the logic shown is schematic and is exemplary of logic that may beexecuted by the portable wireless device in connection with checkrelated transactions. Other exemplary embodiments may include additionalor different steps so as to achieve similar functions.

FIG. 37 shows schematically steps carried out in connection with anautomated banking machine of an exemplary embodiment. The schematiclogic flow is associated with the automated banking machine carrying outa check deposit and/or a check cashing transaction but the machine doesnot include a check imager.

The logic flow begins with a step 650 in which user and/or accountidentifying data is read from a card through operation of a card reader.It should be understood while in the exemplary embodiment a data bearingrecord such as a card is used, other types of readers and identifyinginputs to identify a user and/or their financial account may be used inother embodiments.

In response to reading the card data, at least one computer associatedwith the machine operates to prompt a user to input a personalidentification number (PIN). The prompt is provided through a display onthe automated banking machine. This is represented by a step 652. Theautomated banking machine receives the user PIN input through a keypadtouch screen or other suitable input device. This is represented by astep 654. The at least one processor that transaction. This may be donevia a display or other output device. It should be understood thatnumerous types of transactions may be offered to a user. These mayinclude, for example, a cash dispensing transaction, a balance inquirytransaction, a transaction to transfer funds between accounts, atransaction to load value to a digital wallet or other types oftransactions in addition to check related transactions. Further inexemplary embodiments, more than one check related transactions may beoffered. For example the user may be prompted to select between a checkcashing transaction and a check deposit transaction. The types oftransactions offered will depend on the desires of the machine owner andthe programming of the computer associated with operation of themachine. As represented by a step 658, for purposes of this example theuser provides at least one input through at least one input device toselect a check related transaction.

In the exemplary embodiment, the user is next prompted through an outputvia an output device to input an amount associated with the check. Thisis represented in a step 660. In response to the prompt, the user inputsthe check amount through at least one input device on the automatedbanking machine. This is represented by a step 662. It should beunderstood that in exemplary embodiments manual input devices such as akeypad or a touch screen display with virtual keys may be used for thispurpose. Alternatively in other embodiments a check amount may bereceived through an input device on the automated banking machine fromthe mobile wireless device such as via a wireless port. This mightoccur, for example, when the check amount has been input to the portablewireless device in connection with sending the check data to the remotecomputer 602. In other embodiments the amount of the check may beresolved or confirmed through operation of the at least one computer602, and the data sent to the mobile device and included with the othercheck related data. In such embodiments the portable wireless device maycommunicate the check amount data via NFC, IR, Bluetooth or otherwireless communications, for example. In the exemplary embodiment theautomated banking machine provides at least one output that prompts theuser to provide a check related input.

In this exemplary embodiment the at least one computer associated withthe machine provides an output that prompts a user to scan atwo-dimensional bar code output from their portable wireless device.This is represented in a step 664. In response to receiving this prompt,the user may operate the portable wireless device in the mannerpreviously described in connection with step 638 to provide one or moreinputs which cause the portable wireless device to output thetwo-dimensional bar code that corresponds to the check related datareceived from computer 602. When the output from the portable wirelessdevice is provided in accordance with step 640 of FIG. 38, the automatedbanking machine operates in a step 667 to read the data output from thedisplay of the portable wireless device. This scanned display dataincludes at least one check related input that uniquely corresponds tothe particular check transaction in which the user's check was sent tothe remote computer 602.

The automated banking machine of the exemplary embodiment that operatesin accordance with its programming to send data corresponding to thecheck related input to the at least one host computer 582. This isrepresented by step 668. Thereafter in a step 670, the host computer 582determines if the card and PIN data corresponds to an authorized user,and whether the authorized user is permitted to conduct a checktransaction in the amount indicated as associated with the check ontheir account. This determination which is made by the at least onecomputer 582 is done responsive to the data stored in the at least onedata store 584. This determination is represented in FIG. 37 by a step670.

The at least one host computer 582 determines whether to allow thetransaction or deny the transaction. This is represented by a step 672.If the transaction is denied, one or more messages are sent by the atleast one computer 582 to the computer associated with the automatedbanking machine which indicates to the user that the transaction is notauthorized. This is represented in a step 674.

If the transaction is allowed, the at least one computer 582 operates tosend one or more messages to the computer associated with the automatedbanking machine indicative that the transaction is allowed. This isrepresented in a step 676. For example if the transaction requested is acheck deposit to the user's account, the user may receive outputsthrough the display of the machine which indicates that a valuecorresponding to the amount of the check has been added to theiraccount.

Alternatively in other embodiments where a user has requested a checkcashing transaction, further messages may be exchanged with theautomated banking machine. For example in some embodiments the messagesmay cause operation of the cash dispenser to dispense cash to a usercorresponding to the amount of the check. Further in still otherembodiments depending on the nature of the system, the automated bankingmachine may treat a check cashing transaction as two separatetransactions. One of these may involve a deposit of the check to theuser's account, and a separate transaction thereafter which represents acash withdrawal from the account. In that case the automated bankingmachine may receive the one or more messages indicating that the amountof the check has been deposited to the user's account, and maythereafter operate in accordance with the programming of its associatedcomputer to cause messages to be sent to the at least one computer 582requesting a cash dispense in an amount corresponding to the amount ofthe check. Such messages may include the card and PIN data previouslyinput, as well as data indicating that the user is to receive cash as awithdrawal from their account in an amount having a relationship to thecheck. These messages may be generated automatically through operationof the machine associated computer, and sent to the at least one hostcomputer 582 which verifies the user and account identifying data andsends messages in the automated banking machine associated computerindicative that the transaction is authorized. This may include messagesthat cause the cash dispenser to dispense cash to the user. These stepsassociated with the particular check transaction type carried outthrough operation of the automated banking machine are represented by astep 678.

It should be understood that in some embodiments the automated bankingmachine may operate in accordance with its programming to facilitatecheck cashing transactions in circumstances where the amount of thecheck does not correspond to an exact amount that the machine maydispense. For example some automated banking machines may dispenseseveral denominations of bills, the smallest of which may be a fivedollar bill. In such cases the automated banking machine may operate toround the check amount either up or down (depending on the programmingof the computer associated with the machine) to the nearest value thatthe machine can dispense based on the bill denominations that areavailable. In this case it would be an amount that is divisible by five.Further in some embodiments the automated banking machine may onlydispense one denomination of bills such as twenty dollar bills. In suchembodiments the programming associated with the automated bankingmachine associated computer may round up or down to the nearest amountdivisible by twenty. In such exemplary embodiments when cash in excessof the amount of the check is dispensed, the additional amount ischarged to the user's account through operation of at least one computer582. Likewise when an amount of cash less than the amount of the checkis dispensed, the excess value of the check is credited to the user'saccount. Of course it should be understood that in some embodimentsautomated banking machines may be operative to cash checks to the penny.This may include machines that have coin and bill dispensers that candispense coin in multiple denominations and bill dispensers that candispense bills in multiple denominations. The principles described mayalso be used with such machines. However, the approaches described maybe more likely to provide benefit in connection with automated bankingmachines that are set up for primarily cash dispensing operations, andthen do not dispense coin or a large variety of bill denominations.

Returning to the exemplary transaction flow represented in FIG. 37, atleast one computer processor associated with the automated bankingmachine carries out a step 680 in which a determination is made whetherthe automated banking machine could carry out the functions necessary tocomplete the transaction. In the case of a check cashing transaction,this may include determining whether the appropriate amount of cashcould be dispensed through operation of the cash dispenser. In the caseof a check deposit transaction to the user's account, this may includenotifying the user of the deposit and providing them with a receipt. Ofcourse the nature of the steps to complete the transaction will dependon the exact transaction type. If the automated banking machine couldnot operate to complete the transaction, the automated banking machinesends one or more messages to the one or more computers 582 to indicatethat the transaction could not be completed. This is represented in astep 682. In this case the at least one computer 582 stores dataconcerning the transaction including the fact that a check has been sentfrom the phone to a check processor so that the transaction can bereconciled. Such reconciliation may include, for example, computer ormanual intervention to recover the check data and be sure that theamount of the check is added to the user's account if the check is validand paid when presented to the maker bank. Of course these approachesare exemplary and in other embodiments other approaches may be used.

If the automated banking machine was able to successfully carry out thefunctions necessary to complete the transaction, one or more messagesare sent to the computer 582 indicating that the transaction wascompleted. The messages from the automated banking machine associatedcomputer are operative to cause the at least one computer 582 to storethe transaction related data. Such check related data will generallyinclude the check related input data, check amount and other datarelated to the transaction so as to facilitate recognizing the check andcompleting the check payment process. The storing of this data isrepresented in a step 684. In addition, in the exemplary embodiment theat least one remote computer 582 is operative to modify the data storedin the at least one data store 584 to modify the user's accountassociated data in accordance with the transaction conducted. This isrepresented in a step 686. This may include, for example, in the case ofa check deposit transaction, granting in connection with the user'saccount a provisional credit for the amount of the check as a deposit tothe account. This provisional credit will correspond to an amount addedto the user's account if the check is not dishonored upon presentment.Likewise embodiments where a check transaction involves a check depositto the account and a cash withdrawal associated with a cash dispense,the account is provisionally credited for the amount of the check andassessed for the amount of the cash withdrawal. Of course theseapproaches are exemplary and are dependent on the particular nature ofthe transaction conducted.

Further in the exemplary embodiment the at least one computer(alternatively referred to herein as at least one processor) associatedwith the automated banking machine operates in accordance with itsprogramming to issue to the user a transaction receipt. Such atransaction receipt may include the details of the transactionconducted. In some embodiments it may be issued to the user on paper,through operation of a printer in the automated banking machine. Inother embodiments the transaction receipt may alternatively oradditionally be issued electronically to the user's portable wirelessdevice. Alternatively or in addition, the transaction receipt data mayalso be sent to other systems such as a home banking system or othersystem associated with the user. This is represented by a step 688.

Although in this previously described embodiment the at least one checkrelated input provided to the automated banking machine includes visibleindicia that can be scanned through operation of a scanning device, inother alternative embodiments the at least one check related input mayinclude other types of inputs provided through at least one input deviceof the automated banking machine. For example in some embodiments themessages communicated by the at least one computer 602 to the mobiledevice may result in the mobile device receiving at least one code thatcan be visibly output to a user through a display of the mobile device.This particular output which corresponds to the particular checktransaction may then be provided as at least one check related inputthrough a manual input device on the automated banking machine. Thus forexample an alphanumeric code may be input to the machine via a keypad,touch screen, voice recognition or other suitable device. This at leastone check related input may then be utilized in a manner like thatpreviously discussed for purposes of correlating the check data sentfrom the mobile device to the at least one computer 602 and the at leastone computer 606 with the data corresponding to the automated bankingmachine transaction.

Further in other exemplary embodiments, the at least one check relatedinput provided by the mobile device may include a wireless input such asan IR input or an RF input such as a Bluetooth or NFC type input. Thisat least one check related input may be sent from the mobile device toan input device including a wireless port on the automated bankingmachine. The data communicated from the mobile device to the wirelessport again may serve the function of identifying the check data. Ofcourse it should be understood that these approaches are exemplary andin other embodiments other types of check related inputs may be used.

As can be appreciated from FIG. 36, upon completion of the automatedbanking machine transaction, data corresponding to the transactionincluding the at least one check related input received by the automatedbanking machine is stored in the at least one data store 584 associatedwith at least one computer 582. In exemplary embodiments the data storedin association with the at least one check related input may include theindicated check amount, the account data associated with the individualproviding the check, a transaction identifier generated throughoperation of the at least one computer 582 and/or the automated bankingmachine and/or other associated transaction data. In the exemplaryembodiment the data which identifies the transaction and datacorresponding to the at least one check input is communicated from theat least one computer 582 to the at least one computer 606 whichperforms item processing. Of course as previously discussed, in additionto check related transaction data received through automated bankingmachines the processor may perform other functions for the bank 586 suchas processing other checks as check images that are received by the bankas the bank of first deposit.

In the exemplary embodiment the at least one computer 606 operated inconnection with the item processing activity receives the check data anddata corresponding to the at least one check data input from the atleast one computer 602. The data corresponding to the at least one checkrelated input that was sent by the at least computer 602 to the mobiledevice, corresponds or otherwise has a predetermined relationship withthe at least one check related input that was received in connectionwith the check transaction through the automated banking machine. Bycorrelating the data corresponding to the at least one check relatedinput, the at least one computer 606 is able to identify the particularcheck data, including the check and/or images that correspond to theparticular check involved in the transaction. Responsive to thisinformation, the at least one computer 606 is able to analyze the checkdata to determine if the amount of the check as indicated by the userinput during the automated banking machine transaction corresponds tothe amount written on the check. In the event that the amount of thecheck was entered at the automated banking machine incorrectly, stepsare taken responsive to operation of the at least one computer 606 toindicate an anomaly and to take appropriate action so as to correct theany errors. This may include, for example, providing for furtherautomated or manual review of the check images so as to determine thecorrect check amount. Alternatively and/or in addition, such correctiveactions may include crediting or debiting the individual's account whoconducted the transaction at the automated banking machine so as toadjust for the correct amount on the check. Of course the steps takenwill depend on the capabilities of the particular system and the type ofanomaly which is detected through operation of the computer 606 or otheroperations of the system.

In the exemplary embodiment the at least one computer 606 is operativeto determine the bank and account number associated with the particularcheck. As previously mentioned this is determined from data that isincluded on the MICR line of the check. If the computer 606 determinesthat the check is drawn on an account that is held by the bank of firstdeposit for the check transaction which in this case is bank 586, the atleast one computer 606 operates to generate a record to indicate thatthe particular check is drawn on the bank of first deposit. In theexemplary embodiment the at least one computer 606 is operative to alsogenerate records indicating the nature of the financial transferincluding the account from which the funds represented by the check areto be withdrawn and the transaction and/or account to which the fundsrepresented by the check are to be deposited. In such cases the accountfor deposit may be based on account number data sent by the at least onecomputer 582 to the at least one computer 606. Alternatively in otherembodiments the account to be credited for the amount of the check canbe represented by other data such as the at least one check relatedinput or other transaction identifier utilized in connection with theparticular transaction. In some exemplary embodiments the transactiondata related to the check that is drawn on the bank 586 may be sentpromptly to one or more computers at the bank 586. Alternatively inother embodiments the check related data may be accumulated with otherdata from multiple checks associated with automated banking machinetransactions that are drawn on the bank as the bank of first deposit.This data may be sent as an accounting file or other file to the bank asa batch one or more times a day. Of course these approaches areexemplary and in other embodiments, other approaches may be used.

In the exemplary system the at least one computer 606 associated withthe item processing, is also operative in connection with carrying outimage based check presentment in connection with checks that arereceived and that are drawn on banks other than the bank of firstdeposit, which in this case is bank 586. In an exemplary embodiment theat least one computer 606 is operative to collect checks that are drawnon other banks and organize them as image cash letters which are acollection of check images and check data for checks drawn on aparticular maker bank. In some cases the image cash letter will beassociated with one particular bank of first deposit. Alternatively ifthe check image processor is operating a service bureau, it may bepossible to combine checks associated with numerous banks of firstdeposit into an image cash letter that is to be routed to a particularmaker bank with the funds selectively dispersed among the differentbanks of first deposit, when the funds associated with those checks ispaid to the service bureau. Of course these approaches are examples.

As previously discussed, generally image cash letters will be routed tothe maker banks upon which the checks are drawn via the Federal Reserveor a clearinghouse. The funds that are payable to the bank of firstdeposit in connection with the image cash letters will be credited bythe Federal Reserve or the clearinghouse to the bank of first deposit.This will be done in connection with balancing accounts between thedifferent financial institutions upon which checks are written. TheFederal Reserve or clearinghouse may then operate to credit the accountof the bank of first deposit as is appropriate for the checks which werepresented. Further in the exemplary embodiment the at least one computerassociated with the item processing may also prepare the associatedaccounting records to indicate the various accounts and amounts involvedin the check transactions and provide records to the bank concerning thecrediting of accounts.

It should be understood that in the exemplary embodiment the at leastone computer 606 associated with item processing may also perform otherfunctions. This may include, for example, receiving informationregarding returned checks that are dishonored upon presentment to themaker bank. This information may be provided to the bank of firstdeposit so that the account of the person making the check deposit hasthe amount of the check not credited thereto or if a provisional credithas been made, deducted therefrom. Further in some exemplary embodimentsthe at least one computer associated with item processing may alsooperate to process in clearing items. This may include receiving imagecash letters and check images from the Federal Reserve or an automatedclearinghouse that correspond to checks drawn on bank 586 as the makerbank, and which are deposited in other banks which are the bank of firstdeposit for those checks. The at least one computer 606 may process thein clearing items to determine that the amounts can be paid and toprepare accounting files that make the appropriate deductions from theparticular accounts. Further the at least one computer 606 may alsoprocess any return items that are dishonored when presented. Further insome embodiments the at least one computer 606 may also process the datanecessary for preparation of statements related to accounts held at thebank 586. This may include, for example, preparing statements thatinclude image data that show the particular checks and amounts that aredrawn on the bank accounts of customers of bank 586. Further the one ormore computers associated with the item processing system may performother functions as well, depending on the nature of the particularsystem.

As can be appreciated, the operation of the exemplary system 586 enablescheck related deposit transactions and/or check cashing transactions tobe carried out at automated banking machines that do not include a checkimager. Thus the automated banking machines may be lower cost devicesthat are commonly employed when checks are to be received. However, itshould be understood that while the operation of the system has beendescribed in connection with automated banking machines that do notinclude a check imager, the same principles may be applied to automatedbanking machines that include check imagers and other devices thereinfor processing checks. Further, while the exemplary system has beendescribed in connection with automated banking machines that dispensecash, it should be understood that the system may also be employed inconnection with automated banking machines that do not dispense cashand/or that perform other functions. This may include, for example,machines at which users can make payments for goods and/or services.This may include, for example, machines that dispense tickets, scrip orother items. Further, such principles may be used in connection withautomated banking machines that are operative to load value into digitalwallets, phone accounts, stored value accounts or other similar accountswhich contain value which may be utilized by a particular user. Theprinciples described may also be applied to numerous other types ofsystems.

A further alternative transaction system is schematically represented inFIG. 40. This particular system generally indicated 736 enables the userto associate a data bearing record such as a debit card or a credit cardthat can be used for conducting transactions at an automated bankingmachine, with data corresponding to a particular merchant's customeraffinity program. Such affinity programs are sometimes referred to asreward or loyalty programs, are commonly offered by different merchantsto give their customers discounts, promotions or other incentives andbenefits in exchange for making purchases of goods or services from theparticular merchant. Thus in the exemplary embodiment once a databearing record such as a particular transaction card is linked to theparticular merchant's affinity program, the user may receive thebenefits associated with the affinity program whenever they use theparticular card in connection with acquiring goods or services of thatmerchant. In addition the user may receive advertisements, promotionalitems, coupons, notices or other useful information in conductingtransactions in connection with automated banking machines using thecard that is linked to the particular merchant affinity program.

In the exemplary embodiment system 650 includes a plurality of automatedbanking machines such as machine 738, 740 and 744. These automatedbanking machines may be machines of the type previously described thatare usable in connection with carrying out cash dispensing transactionsor other types of transactions that include automated transfers ofvalue. The automated banking machines are in operative connection withat least one network 744. The at least one network is in operativeconnection with the at least one host computer 746 which is in operativeconnection with at least one data store 748. In the exemplary embodimentthe at least one computer 746 is in operative connection with afinancial institution schematically represented as bank 750. The atleast one computer 746 may be operative to enable transactions such ascash dispensing, check deposit, cash acceptance, envelope deposit orother transactions at the automated banking machines in the mannerpreviously discussed or referred to. Of course these particularapproaches are exemplary and in other embodiments, other approaches maybe used.

In the exemplary embodiment the automated banking machines are inoperative connection with at least one computer 752. Computer 752 is inoperative connection with at least one data store 754. In the exemplaryembodiment the at least one computer 752 is operative to causepromotional offers and other messages to be output selectively throughthe automated banking machines 738, 740 and 742 during transactions.This may be done in the manner described in U.S. Pat. No. 7,516,087 thedisclosure of which is incorporated herein by reference in its entirety.Of course alternative approaches may be utilized as well. In thisparticular exemplary embodiment the at least one computer 752 isoperative to present promotional offers including offers for discounts,incentives or other offers to users during transactions at the automatedbanking machines based on the user identifying data presented by theuser at the machine. This identifying data may include, for example, theinformation read from the user's card. The at least one computer 752 mayalso be operative to provide promotional items directly from themachines such as through the printing of coupons, vouchers, tickets orother items. Further in the exemplary embodiment the at least onecomputer 752 is operative to cause the output of messages that enable auser to provide inputs which indicate the acceptance of promotionaloffers, offers for sale, offers for other benefits or other things whichare accepted by users through inputs to the automated banking machines.

As schematically represented in FIG. 40, a first merchant system 690 isassociated with a first merchant. The first merchant system may beoperated by a merchant who provides goods or services to customers. Thefirst merchant system includes a plurality of point of sale terminals692 through which purchasers from the merchant may make payment usingdata bearing records such as a credit or debit card. Point of saleterminals 692 are in operative connection with a merchant network 694operated by the merchant that is connected to one or more merchantcomputers 696. The merchant computers 696 are in operative connectionwith one or more data stores 698. The merchant computer systems may beoperative in exemplary embodiments to store data including price dataassociated with particular items, transaction data, inventory data andother data that is useful to the merchant in carrying out theirbusiness. In addition in exemplary embodiments, the merchant computers696 are operative to process and store the data corresponding toparticular customers who are participants in customer affinity programsoperated by the merchant. This may include, for example, informationabout particular individuals who are entitled to additional discounts,promotional offers, credits, rebates or other benefits in connectionwith their purchases from the merchant. In exemplary embodiments thesecustomers may be identified via particular codes or other data that canbe represented through indicia such as a bar code, an RFID tag or otheridentifier on an article that is provided by a merchant to the user. Thedata from this article may be presented by the user in the time ofmaking a purchase transaction from the merchant to identify themselvesas the particular member of the affinity program, so that they can getthe benefits the merchant provides. Further this enables the merchant totrack the purchases being made by the particular user so that they canthen provide targeted promotional messages and the like to the userbased on the user's buying habits, patterns and other information.

In the exemplary embodiment the one or more merchant computers 696 alsoenable conducting purchase transactions by communicating through atransaction processing network 700 with one or more transactionprocessors. Such a transaction processor is represented by one or morecomputers 702 which are in operative connection with one or more datastores 704. In the exemplary embodiment the one or more computers 702associated with the transaction processor have accessible thereto dataconcerning whether particular accounts are authorized to conductparticular transactions and the permissible limits associated with suchtransactions. This may include, for example, the transaction processorhaving information concerning credit or debit cards that are authorizedto conduct transactions and the limits that are available concerningsuch transactions. Further in other embodiments the transactionprocessor may have access to data that is the same or generally up todate that is maintained in connection with an account of a user asmaintained by the bank that holds the account. This may be done forexample by periodically (such as daily, hourly, etc.) updating debitcard account data, stored in connection with computer 746 and bank 750through one or more networks 706. In this way the transaction processormay have access to data regarding accounts that is generally a mirrorimage of the account data for the particular account that is retained bythe bank.

In the exemplary embodiment the at least one transaction processorcomputer 702 operates in accordance with its programming to eitherauthorize or deny a transaction on each account as it is presented fromthe merchant system. The at least one computer 696 of the merchantoperates to either allow or prevent the transaction based on theinformation from the transaction processor. In addition the at least onecomputer 696 of the merchant is also operative to store the dataregarding the particular user and each of their transactions inconnection with the user identifier for the affinity program and otherdata maintained by the merchant.

In the exemplary embodiment a further merchant system 708 is also shownschematically. Merchant system 708 is also associated with a particularmerchant. This merchant operates to accept sales transactions throughthe merchant system which includes at least one merchant computer 710and at least one data store 712. The exemplary merchant system furtherincludes at least one merchant network 714. The merchant system 708 isoperative to receive and carry out purchase transactions throughterminals 716. In this exemplary embodiment the terminals 716 mayinclude point of sale terminals such as those previously discussed.Alternatively or in addition, terminal 716 may include online terminalsincluding, for example, user owned terminals which can be operated tocarry out transactions. This might include terminal devices such as homePCs, tablet computers, mobile devices or other devices through whichconsumers can present purchase transactions.

As described in connection with merchant system 690 the at least onecomputer 710 may be operative to hold affinity data including theparticular affinity identification data associated with particularusers. The at least one merchant computer 710 is also operative tocommunicate with the one or more transaction processors for purposes ofauthorizing credit or debit transactions which are requested through thevarious terminals.

Of course it should be understood that these approaches are exemplaryand are somewhat simplified from those actually used in practice. Thisis described in this manner herein for purposes of brevity in describingthe system features herein.

In the exemplary embodiment the user is enabled to selectively link oneor more of their accounts to one or more affinity programs. This may bedone through the auspices of the account holder's bank or through aservice bureau or other entity that provides the service that enablesthe user to obtain the benefits associated with the applicable affinityprogram whenever they use a particular account to make purchases from amerchant that has been linked by the user to the particular merchant'saffinity program.

In an exemplary embodiment the user is enabled to associate such aaccount with an affinity program using a computing device associatedwith the user. This may include for example the user's PC indicated 718or a mobile device such as a smart phone indicated 720. In an exemplaryembodiment one or more computers associated with a bank such as bank 750provides a user interface which can be accessed by a user so as toassociate their particular accounts and the credit or debit cardsassociated therewith with selected merchant affinity programs haveauthorized the bank or other account holding entity to provide suchassociations. FIG. 41 shows schematically the logic flow associated withassociating such account data with particular affinity programs. Inconnection with this logic flow, the bank may operate a secure web siteor other portal which enables the user to securely connect to accountdata associated with their various accounts. This might include, forexample, a credit card account associated with a card issued by the bankas well as a debit card account associated with an account held with thebank. Through an appropriate secure system, a user may be presentedthrough their computing device with a selectable menu of outputs whichidentify their particular accounts. This is represented by a step 722.After selecting the particular account, the user may be presented in theexemplary embodiment with a menu of available affinity programs withwhich the user can associate their particular account. The user may thenprovide inputs so as to select a particular affinity program of amerchant with which to associate the particular account. This isrepresented in a step 724. The user then provides one or more inputs soas to cause an association which is operative to link the particularselected account with the particular affinity program in one or moredatabases such as database 748 associated with the at least one computer746 of the merchant's bank. This is represented in a step 726.

In the exemplary embodiment the user interface provided through theuser's PC, mobile device or other device is then operative to prompt theuser as to whether they wish to create more associations linkingparticular accounts with particular affinity programs. This isrepresented in a step 728. If the user wishes to link additionalaccounts and/or already selected accounts to additional affinityprograms, the user can repeat steps 722 through 726 as often as desiredto link their respective debit and credit card accounts to particularmerchant affinity programs.

Further in exemplary embodiments the user is also given the opportunityto select particular promotional items and activities which they wish toreceive or in which they wish to participate. For example in a step 730the user may be queried concerning whether they want promotional offersand the type and character of promotional offers they wish to receive inconnection with the linking of their account to the affinity program.This might include, for example, selections indicating whether the userwishes to be notified of particular discounts, sales, contests, freegiveaways or other items that are being offered by the particularmerchant. The nature of the information presented and which the user canselect will depend on the character of the particular merchant. Inaddition, in some cases the user may be given the option of receivinginformation concerning coupons or other similar items that the merchantoffers in connection with their particular affinity program. This isrepresented in a step 732. Of course it should be understood that otheror additional types of queries and responses may be solicited from theuser in connection with the particular merchants and affinity programswhich are selected and linked to the user's accounts. Upon theconclusion of the input data which is operative to link particularaccounts to affinity programs. Thus, the data corresponding to the userinputs is stored in at least one data store. This is represented by astep 734. This data corresponding to the association of the user'saccounts with the particular affinity programs and the user selectionsin connection therewith are then communicated and distributed throughoperation of one or more computers to the appropriate other computersconnected in the system. This may include, for example, communication ofthe data to the one or more computers 796 and 710 operated by respectivemerchants. This may also include sending the data to the one or morecomputers 752 and also to one or more bank computers and/or othercomputers that utilize the information concerning the association of theuser accounts and the particular affinity programs.

This data may be used, for example, so that when the user utilizes theircard or other data bearing records, that includes their account data inconnection with making a purchase from a merchant the user account dataautomatically indicates a user is a member of the merchant's affinityprogram. The at least one computer of the merchant links the accountdata to the data corresponding to the user identifier, the other dataassociated with the user that is stored in connection with the affinityprogram. This may include for example, the user receiving discounts,free items or other benefits automatically from the particular merchantwithout having to provide a separate user identifier specific to themerchant. Similarly in cases where purchases are made online using theaccount data, linking the user account data to an affinity program wouldbe recognized by the at least one merchant computer as associated withthe particular member of the merchant's affinity program. At least onecomputer operates to correlate the user's affinity data with themerchant to the transaction, so that the user receives the correspondingbenefits.

Further in exemplary embodiments the at least one merchant computer mayalso operate to provide the user with additional benefits to protectaccount data or other things in connection with transactions. This mightbe done for example by utilizing the linkage between the merchant'saffinity identifier for the particular customer to account data for thecustomer. Such linkage data may enable the user to make online purchasesor to conduct other transactions using their affinity programidentifying number, which the merchant can correlate to the user'saccount data through data the merchant has securely stored in itscomputers. Thus, for example, in connection with making online purchasesa user can avoid transmitting their credit or debit account informationthrough a network and instead may utilize their affinity informationwhich may be of no value to criminals in the event that it isintercepted. Thus for example the consumer may utilize their affinitydata for making purchases in lieu of account data, and a merchant maythen have the account data for purposes of authorizing a transaction.

Further in some exemplary embodiments the merchants may utilize the dataprovided by the consumer for purposes of communicating to the consumerat various computer devices associated with the consumer such as theirmobile devices and PCs. Such communications may relate to opportunitiesfor the particular consumer to obtain benefits from the merchants. Inaddition, the at least one computer 752 may also include the data thatassociates the account data that can be read from a card at an automatedbanking machine, with the identifying data of the user for theparticular merchant affinity programs. This data is stored in one ormore databases in connection with the at least one computer 752. The atleast one computer 752 also stores data corresponding to the promotionaloffers, sales opportunities and to other promotions that the merchantsoffer in connection with their affinity program.

In the exemplary embodiment the at least one computer 752 or othercomputers are operative to present through the automated banking machinesuch promotional offers and transaction messages as may be associatedwith the particular affinity programs. Thus for example in the situationwhere a user presents their user card or other data bearing record at anautomated banking machine for purposes of making a cash withdrawaltransaction, the at least one computer 752 receives the informationconcerning the card data and/or the user, and is operative to determinethe affinity programs with which the user is associated. The at leastone computer 752 is also operative to determine such promotional offersor other presentations that are appropriate based on the user'sselections that should be presented to the user through the automatedbanking machine during the transaction. This may include, for example,offers to receive discounts on particular items if they are purchasedfrom the merchant. Such offers may be presented through the interface ofthe automated banking machine, and the user can then provide inputsselecting to receive or decline such offers.

In cases where the user elects to select the offer, the datacorresponding thereto is stored in the at least one data store 754.Thereafter the data corresponding to the selected item by the consumeris communicated to the merchant computer associated with the particularmerchant. Thus, for example, if the promotional item is a discount on apurchase of a particular item from the merchant, this data is stored inconnection with the particular merchant computer. Thereafter when theconsumer utilizes their account in connection with a merchanttransaction, the merchant computer is automatically able to associatethe information regarding the discount the consumer is entitled toreceive when they purchase the particular item, with the user's itempurchase. As a result the user automatically receives the discount. Ofcourse this approach is exemplary and in other embodiments other typesof promotions and features might be used.

Likewise the at least one computer 752 may be operative to offer theuser coupons, tickets, electronic value or other things that the usercan receive directly at the machine. In such cases the at least onecomputer may be operative to cause outputs from the automated bankingmachine to deliver such items to the user. This may include for examplethe printing of a coupon or ticket that the user can then take andredeem to receive the benefit described. Alternatively the at least onecomputer 752 may operate to cause a transfer of value such as to anelectronic wallet or to a stored value account. Such items are deliveredto the at least one output device such as a machine. Such an outputdevice may include a wireless port that is operative to deliver storedvalue or other data corresponding to a value to the user's portabledevice such as a smart phone. Such data that the user may be able toredeem through transactions with the merchant is communicated to themerchant computer system so that the user can take advantage of theparticular benefit.

In alternative embodiments the at least one computer 752 may beoperative to provide a user with information concerning the status oftheir affinity accounts. This might be done for example in response toinputs during a transaction at an automated banking machine.Alternatively or in addition such data could be delivered through apublic or a private network to the computing devices associated with auser such as their mobile device, PC or other device.

As can be appreciated the exemplary system enables a user to receive thebenefit of affinity programs with selected merchants without the need toprovide to the merchant in connection with a particular transaction, aseparate purchaser identifier that is associated with the merchantaffinity program. Instead the user can use their linked account forpurposes of transactions and receive all of the benefits of the affinityprogram. In addition in some exemplary embodiments, selected benefitssuch as coupons, discounts or other things that a user has selected viaan automated banking machine or other ways, can be linked and stored inthe at least one merchant computer so that the user can automaticallyreceive the benefit thereof at the time of their transaction. Further instill other embodiments such a system may enable the user to use a lesssensitive identifier such as an affinity program identifier for purposesof carrying out online transactions instead of transmitting data thatuniversally identifies their account. This may provide the user withenhanced security against criminal attacks and theft of their accountdata.

Of course it should be appreciated that these particular approaches areexemplary and numerous other arrangements, transactions and systems maybe carried out by employing the principles described herein.

While certain exemplary embodiments previously described enable a userof the mobile device the capability to conduct or authorizetransactions, other embodiments may include additional features whichprovide capabilities for conducting transactions via mobile devices.These may include features described in connection with the followingU.S. patents, each of which is incorporated herein by reference in itsentirety: U.S. Pat. Nos. 8,191,767; 8,186,578; 8,177,126; 8,172,130;8,146,803; 8,146,802; 8,127,983; 8,104,676; 8,091,778; 8,070,055;8,052,050; 8,033,456; 8,011,575; 7,992,778; 7,992,777; 7,992,776;7,959,077; 7,946,480; 7,946,477; 7,896,235; 7,874,479; 7,850,073;7,712,656; 7,686,213; 7,657,473; 7,638,448; 7,555,461; 7,537,154;7,490,758; 7,461,779; 7,445,155; 7,445,146; 7,418,427; 7,392,938;7,344,066; 7,216,800; 7,207,477; 7,201,313; 7,150,393; 7,040,533;7,025,256; 6,905,072; 6,796,490; 155 6,702,181; and 6,315,195. All ofthese patents are owned by the assignee of the present invention.

Thus, the features and characteristics of the embodiments previouslydescribed achieve desirable results, eliminate difficulties encounteredin the use of prior devices and systems, solve problems and attain oneor more of the objectives stated above.

In the foregoing description certain terms have been used for brevity,clarity and understanding, however no unnecessary limitations are to beimplied therefrom because such terms are for descriptive purposes andare intended to be broadly construed. Moreover, the descriptions andillustrations given herein are by way of examples and the invention isnot limited to the exact details shown and described.

In the following claims any feature described as a means for performinga function shall be construed as encompassing any means known to thoseskilled in the art capable of performing the recited function, and shallnot be deemed limited to the particular means shown in the foregoingdescription or mere equivalents thereof.

Having described the features, discoveries and principals of theinvention, the manner in which it is constructed, operated, andutilized, and the advantages and useful results attained; the new anduseful structures, devices, elements, arrangements, parts, combinations,systems, equipment, operations, methods, processes, and relationshipsare set forth in the appended claims.

1. An apparatus, comprising: an automated banking machine that operatesto cause financial transfers responsive at least in part to data readfrom data bearing records, the automated banking machine comprises: acard reader operative to read card data from a card associated with auser that correspond to a financial account, an input device operativeto receive inputs from a user, a cash dispenser operative to selectivelycause cash stored in the machine to be accessible to the associateduser, and an automated banking machine computer operatively coupled withthe card reader and the input device, wherein the automated bankingmachine computer is operable to obtain card data from a card associatedwith the associated user from the card reader, and determine from thecard data a financial account for conducting a transaction; wherein theautomated banking machine computer is operable to receive datarepresentative of a check from the input device; and wherein the datarepresentative of the check corresponds to check data that was sent froma mobile device to a remote computer associatively coupled with theautomated banking machine computer via a communication path that doesnot include the automated banking machine.
 2. The apparatus set forth inclaim 1, the data representative of a check further comprises an amount.3. The apparatus set forth in claim 1, wherein the input device furthercomprises an keypad for receiving data representative of an amount forthe check.
 4. The apparatus set forth in claim 1, wherein the inputdevice further comprises a wireless receiver; and wherein the wirelessreceiver is operable to receive data representative of an amount for thecheck.
 5. The apparatus set forth in claim 1, wherein the input devicefurther comprises a bar code scanner; and wherein the bar code scanneris operable to receive the data representative of the check from themobile device.
 6. The apparatus set forth in claim 1, wherein the datarepresentative of the check comprises data representative of an image ofthe check.
 7. The apparatus set forth in claim 1, wherein the automatedbanking machine does not include a check imager.
 8. The apparatus setforth in claim 1, wherein the automated banking machine computer isoperable to send the data representative of the check to the remotecomputer.
 9. The apparatus set forth in claim 1, wherein the automatedbanking machine computer is operable to send data representative of acredit for an amount of the check to the financial account.
 10. Theapparatus set forth in claim 1, further comprising a cash dispensercoupled with the automated banking machine computer; wherein theautomated banking machine computer is operable to dispense cash via thecash dispenser.
 11. The apparatus set forth in claim 11, wherein thedata representative of a check further comprises an amount of the check;wherein the amount of cash dispensed corresponds to the amount of thecheck.
 12. An apparatus, comprising: an automated banking machine thatoperates to cause financial transactions responsive in part to data readfrom data bearing records, the automated banking machine comprises acard reader operative to read card data from a card associated with afinancial account associated with a user, an input device operative toreceive inputs from the user, and an automated banking machine computerthat is coupled with the card reader, an input device, and the outputdevice; wherein the automated banking machine computer obtains card datafrom the card reader and determines the financial account associatedwith the user; and wherein the automated banking machine computer isoperative to determine that a merchant affinity program associated withthe card data; and wherein the automated banking machine computer isoperable to cause a promotional offer associated with the merchantaffinity program to be output via the output device.
 13. The apparatusset forth in claim 12, wherein the automated banking machine computer isoperable to receive data representative of an acceptance of thepromotional offer from the input device; and wherein the automatedbanking machine computer is operative associate the promotional offerwith the financial account responsive to receiving the datarepresentative of acceptance of the promotional offer.
 14. An apparatus,comprising: a processor coupled with a first network and a secondnetwork; the processor is operable to perform a check cashingtransaction initiated by a mobile device coupled with the first network,the mobile device sending data representative of a check; the processoris operative to determine an amount of the check; the processor isoperative to receive transaction data for the check cashing transactionfrom an automated teller machine coupled with the second network, thetransaction data comprising data representative of an account; theprocessor is operative to correlate the data representative of a checksent from the mobile device with the transaction from the automatedteller machine; and the processor is operative to credit the accountwith the amount of the check responsive to successfully correlating thedata representative of a check sent from the mobile device with thetransaction from the automated teller machine.
 15. The apparatus setforth in claim 14, wherein the transaction data comprises datarepresentative of an amount of the check; the computer is furtheroperative to analyze the data representative of a check from the mobiledevice to determine an amount of the check; and wherein the correlatingthe data representative of a check sent from the mobile device with thetransaction from the automated teller machine further comprisesdetermining whether the data representative of an amount of the check inthe transaction data matches the amount of the check determined from thedata representative of a check from the mobile device.
 16. The apparatusset forth in claim 14, wherein the data representative of a checkreceived from the mobile device comprises image data.
 17. The apparatusset forth in claim 14, wherein the processor is operable to determine arouting number a account number for the check from the datarepresentative of a check received from the mobile device comprisesimage data.
 18. The apparatus set forth in claim 14, the processor isfurther operable to verify genuineness of the check.
 19. An apparatus,comprising: an image input device; a user input device; an outputdevice; a wireless transceiver; and a processor coupled with the imageinput device, the output device, the user input device, and the wirelesstransceiver; wherein the processor is operable to obtain datarepresentative of an image of a check; wherein the processor is operableto send data representative of a check to a remote computing device viaa network associated with the wireless transceiver; wherein theprocessor is operable to receive code data associated with the check viathe wireless transceiver; wherein the processor is operable to outputvia the output device data representative of the code data responsive toreceiving an input from the user input device,
 20. The apparatus setforth in claim 19, wherein the output device displays a two dimensionalbarcode corresponding to the data representative of the code device; andwherein the processor is operable to receive a confirmation that theoutput was received via the wireless transceiver.